Question

我正在尝试在我的一件作品中更改密码选项。

我想做的是：
1.首先验证当前密码。
2.如果输入的当前密码正确，则“继续”按钮向下移动，并显示一个名为“确认”的新字段 3.显示时，字段和按钮的属性会发生变化 4.然后我想在相应的文件中输入新密码并确认密码，并检查两个字段是否具有相同的值 5.如果两者具有相同的值，则更新表格，如果没有，则发出警报。

问题：从第4步开始，我正面临着这个问题。每当我在两个字段中都给出错误的值时，我会将错误视为“密码不正确”而不是“密码和确认密码不匹配！”。

我可能出错的地方？

提前致谢。

Jquery的

<script>
$(document).ready(function()
{
    $('#Button1').click(function()
    {
        var password=$('#password').val();
        var dataString = 'password='+password;
        $.ajax({
            type:"POST",
            data: dataString,
            url: "activateSettings.php",
            cache:false,
            success: function(html){
                if(html){
                    alert('Incorrect Password');
                }
                else{
                    $('#password').attr('id', 'newpassword');
                    $('#newpassword').attr('name', 'newpassword');
                    $('#newpassword').val('');
                    $('#newpassword').attr('placeholder', 'Enter your new password');

                    $('#confirm').css("visibility", "visible");

                    $('#Button1').addClass('move');
                    $('#Button1').val('Change');
                    $('#Button1').attr('id', 'ButtonChange');
                    $('#ButtonChange').attr('name', 'ButtonChange');
                }
            }
        });
    });


    $('#ButtonChange').click(function()
    {
        var newpassword=$('#newpassword').val();
        var confirmpassword = $('#confirm').val();

        var dataString = 'newpassword='+newpassword+'&confirmpassword='+confirmpassword;

        $.ajax({
            type:"POST",
            data: dataString,
            url: "activateSettings.php",
            cache:false,
            success: function(html){
                if(html){
                    alert('Password and Confirm Password does not match!');
                }
            }
        });
    });
});
</script>

PHP

<?php
include 'connect.php';
session_start();

if (isset($_POST['password']))
{
    $found = false;
    $password = $_POST['password'];
    $user = $_SESSION['username'];
    $sql = "SELECT salt, password, firstname, lastname FROM user WHERE username = '$user'";
    $result = mysqli_query($db, $sql);

    if ($data = mysqli_fetch_array($result))
    {
        $salt = $data['salt'];
        $crypt_pass = hash('sha256', $salt.$password);
            if ($crypt_pass == $data['password'])
            {
                    $found = true;
        }
    }
        mysqli_close($db);

        if($found == false)
        {
        echo '0';
    }
}
else
if(isset($_POST['newpassword']) && isset($_POST['confirmpassword']))
{
    $newpassword = $_POST['newpassword'];
        $confirmpass = $_POST['confirmpassword'];

    if($newpassword == $confirmpass)
    {
        //Create SALT
        $bytes = openssl_random_pseudo_bytes(6, $cstrong);
            $salt   = bin2hex($bytes);
        //Encrypt PASSWORD with SALT
        $crypt_pass = hash('sha256', $salt.$password);

        $sql = "UPDATE `user` SET `salt` = $salt, `password` = $crypt_pass WHERE `username` = '$user'";
        $result = mysqli_query($db, $sql);
            mysqli_close($db);
    }
    else{
        echo '0';
    }
}
?>

HTML

        <input type="password" id="password" name="password" value="" autocomplete="off" placeholder="Enter your current password">
        <input type="password" id="confirm" name="confirm" value="" autocomplete="off" placeholder="Re-type password">
        <input type="submit" id="Button1" name="proceed" value="Proceed">

更新：我尝试了Naresh提供的脚本。它向我显示了正确的消息，但对数据库没有影响。

Answer 1

更改脚本

<script>
function check(val)
{
  var type=$(val).attr("name");
    if(type=="proceed")
    {
        var password=$('#password').val();
        var dataString = 'password='+password;
        $.ajax({
            type:"POST",
            data: dataString,
            url: "test.php",
            cache:false,
            success: function(html){
                if(html=="false"){
                    alert('Incorrect Password');
                }
                else{ 
                    $('#password').attr('id', 'newpassword');
                    $('#newpassword').attr('name', 'newpassword');
                    $('#newpassword').val('');
                    $('#newpassword').attr('placeholder', 'Enter your new password');

                    $('#confirm').css("visibility", "visible");

                    $('#Button1').addClass('move');
                    $('#Button1').val('Change');
                    $('#Button1').attr('id', 'ButtonChange');
                    $('#ButtonChange').attr('name', 'ButtonChange');
                }
            }
        });
    }
    else if(type=="ButtonChange")
    {
        var newpassword=$('#newpassword').val();
        var confirmpassword = $('#confirm').val();

        var dataString = 'newpassword='+newpassword+'&confirmpassword='+confirmpassword;

        $.ajax({
            type:"POST",
            data: dataString,
            url: "test.php",
            cache:false,
            success: function(html){
                 if(html=="false"){
                    alert('Password and Confirm Password does not match!');
                }
            }
        });
    }
}
</script>

将按钮更改为

<input type="submit" id="Button1" name="proceed" value="Proceed" onclick="check(this)">

<强> PHP

<?php
//include 'connect.php';
session_start();

if (isset($_POST['password']))
{
    $found = false;
    $password = $_POST['password'];
//    $user = $_SESSION['username'];


    if( $password=="test")
    {
        echo "true";
    }
    else
        echo "false";
}
else
if(isset($_POST['newpassword']) && isset($_POST['confirmpassword']))
{
    $newpassword = $_POST['newpassword'];
        $confirmpass = $_POST['confirmpassword'];

    if($newpassword == $confirmpass)
    {
        echo "true";
    }
    else{
       echo "false";
    }
}
?>

更改html属性后，无法向数据库提交值

1 个答案: