php更改密码脚本尝试了很多不同的东西没什

时间:2015-02-12 11:49:44

标签: php mysql login passwords

我有一个很大的麻烦,让一个脚本工作来更改密码,并让它真的很累,所以如果有任何想法它会很棒。

我所追求的是一个脚本,用于检查登录的用户,然后有3个字段:旧密码,新密码和重复密码,然后只需提交,密码应在数据库中更改。

我使用mySQL,这是在网站上直播,所以没有什么是本地的

如果您需要更多信息,请告诉我。

这是检查连接并登录的代码:

    <?php

ob_start();
$host="***"; 
$username="***"; 
$password="***"; 
$db_name="***"; 
$tbl_name="***";


mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");


$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 


$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);


$count=mysql_num_rows($result);


if($count==1){


session_register("myusername");
session_register("mypassword");
$msg = "Du är inloggad!";
header("location:main_login.php?msg=$msg");
}
else {
$msg = "Fel användarnamn eller lösenord!";
header("location:main_login.php?msg=$msg");
}
ob_end_flush();
?>

我尝试了这段代码并修改了一下,但没有让它工作,也不知道我做错了什么。
:(

注意:不需要MD5或其他安全密码

<?php
$_SESSION["myusername"];
$conn = mysql_connect("***","***","***");
mysql_select_db("***",$conn);
if(count($_POST)>0) {
$result = mysql_query("SELECT *from users WHERE username='" . $_SESSION["myusername"] . "'");
$row=mysql_fetch_array($result);
if($_POST["currentPassword"] == $row["password"]) {
mysql_query("UPDATE users set password='" . $_POST["newPassword"] . "' WHERE userId='" . $_SESSION["myusername"] . "'");
$message = "Password Changed";
} else $message = "Current Password is not correct";
}
?>
<html>
<head>
<title>Change Password</title>
<link rel="stylesheet" type="text/css" href="styles.css" />
<script>
function validatePassword() {
var currentPassword,newPassword,confirmPassword,output = true;

currentPassword = document.frmChange.currentPassword;
newPassword = document.frmChange.newPassword;
confirmPassword = document.frmChange.confirmPassword;

if(!currentPassword.value) {
    currentPassword.focus();
    document.getElementById("currentPassword").innerHTML = "required";
    output = false;
}
else if(!newPassword.value) {
    newPassword.focus();
    document.getElementById("newPassword").innerHTML = "required";
    output = false;
}
else if(!confirmPassword.value) {
    confirmPassword.focus();
    document.getElementById("confirmPassword").innerHTML = "required";
    output = false;
}
if(newPassword.value != confirmPassword.value) {
    newPassword.value="";
    confirmPassword.value="";
    newPassword.focus();
    document.getElementById("confirmPassword").innerHTML = "not same";
    output = false;
}   
return output;
}
</script>
</head>
<body>
<form name="frmChange" method="post" action="" onSubmit="return validatePassword()">
<div style="width:500px;">
<div class="message"><?php if(isset($message)) { echo $message; } ?></div>
<table border="0" cellpadding="10" cellspacing="0" width="500" align="center" class="tblSaveForm">
<tr class="tableheader">
<td colspan="2">Change Password</td>
</tr>
<tr>
<td width="40%"><label>Current Password</label></td>
<td width="60%"><input type="password" name="currentPassword" class="txtField"/><span id="currentPassword"  class="required"></span></td>
</tr>
<tr>
<td><label>New Password</label></td>
<td><input type="password" name="newPassword" class="txtField"/><span id="newPassword" class="required"></span></td>
</tr>
<td><label>Confirm Password</label></td>
<td><input type="password" name="confirmPassword" class="txtField"/><span id="confirmPassword" class="required"></span></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="submit" value="Submit" class="btnSubmit"></td>
</tr>
</table>
</div>
</form>
</body></html>

3 个答案:

答案 0 :(得分:0)

嗯,这是一个你可以使用的简单功能吗?未经测试但它是围绕PDO的使用编写的,你必须对它进行一些调整,我多年没有使用过Mysql。

function changePassword($previous, $previoustwo, $new, $userid)
{
    if ($previous != $previoustwo) { 
        return false; 
    }
    $query = $this->conn->prepare("UPDATE users SET password = ? WHERE id = ?");
    $hashPass = password_hash($new, PASSWORD_DEFAULT);
    $values = array($hashPass, $userid);
    if ($query->execute($values)) {
        return true;
    } else {
        return false;
    }
}

然后您可以通过这样做来调用它,例如,可能使用$ _POST数据:

changePassword('oldpassword321', 'oldpassword321', 'newawesomepassword123', 11);

答案 1 :(得分:0)

这样的东西 
if ($mynewpassword == $mynewpassword2) {
    mysql_query("set password = password('$mynewpassword')");
}

答案 2 :(得分:0)

请使用此代码查看您的mysql错误。

  $result = mysql_query("SELECT *from users WHERE username='" . $_SESSION["myusername"] . "'");
$row=mysql_fetch_array($result);
if($_POST["currentPassword"] == $row["password"]) {
mysql_query("UPDATE users set password='" . $_POST["newPassword"] . "' WHERE userId='" . $result["id"] . "'");
$message = "Password Changed";
} else {
$message = "Current Password is not correct";
}
相关问题
最新问题