从表单输入

时间:2015-10-26 11:11:33

标签: php html

我正在尝试更新“管理员”中的密码字段。输入电子邮件并回答安全问题后的数据库。

提交表单时,数据库中的密码字段已清空,但表单中输入的新密码未添加。

passwordchange.php 

    <?php
        session_start();
        include ('connect-db.php');


        $email = !empty($_POST['email']) ? $_POST['email'] : false;
        $email_escaped = mysqli_real_escape_string ($db, $email);
        if ($email){
            $sql = "SELECT 'securityq' FROM 'admin' WHERE 'email' = '[$email_escaped]'";
            $securityq = mysqli_query($db, $sql);
        }


        $email = !empty($_POST['email']) ? $_POST['email'] : false;
        $email_escaped = mysqli_real_escape_string ($db, $email);
        if ($email){
            $securityq = mysqli_query($db, $sql);

        }
        $securityq = mysqli_query ($db, "SELECT securityq FROM admin WHERE email = '$email_escaped'");
        $securiyqrow= mysqli_fetch_array ($securityq);
        $result_securityq = $securiyqrow ['securityq'];

        echo ($result_securityq);

$securitya = !empty($_POST['securitya']) ? $_POST['securitya'] : false;
    $securitya_escaped = mysqli_real_escape_string ($db, $securitya);
    $result = mysqli_query ($db, "SELECT password FROM admin WHERE email = '$email_escaped'");              

    $changepassword = mysqli_query ($db, "SELECT password FROM admin WHERE email = '$email_escaped' AND securitya = '$securitya'");
    $changepasswordrow= mysqli_fetch_array ($changepassword);
    $result_changepassword = $changepasswordrow ['password'];

            if (isset($result_changepassword)){

        echo ("correct");

    }else{
        echo ("X");
    } 

    $password = !empty($_POST['password']) ? $_POST['password'] : false;
    $password_escaped = mysqli_real_escape_string ($db, $password);

     if (isset($result_changepassword)){
 mysqli_query($db, "UPDATE admin SET password='$password_escaped' WHERE email = '$email_escaped' AND securitya = '$securitya_escaped'")
 or die(mysqli_error($db));

     }else{

     }

形式: 

<fieldset>
<form class ="form"  method ="POST" enctype="application/x-www-form-urlencoded">
    Email:<br> <input type="email" name="email" maxlength="80" value="<?php echo $email ?>" placeholder ="Enter Your Email"/> <br />
    <input id="button2"type="submit" value="Get Security Question" name ="submit2" style = "cursor:pointer;"/><br> 

<br><input type="text" name="securitya" maxlength="20" value = "<?php echo $securitya ?>" placeholder = "Enter Your Answer" /> <br />

    <input id="button3"type="submit" value="Check Answer" name ="submit" style="cursor:pointer;"/>

    <br><input type="password" name="newpassword" id = "password" maxlength="20" placeholder = "Enter Your New Password" /> <br />

    <input id="button"type="submit" value="Change Password" disabled = "disabled" name ="submit" style="cursor:pointer;"/>

我知道我已经在这里添加了很多代码,所以如果有人能看看它并让我知道我哪里出错了,我会非常感激。

非常感谢

1 个答案:

答案 0 :(得分:2)

我认为

$password = !empty($_POST['password']) ? $_POST['password'] : false;

应该是

$password = !empty($_POST['newpassword']) ? $_POST['newpassword'] : false;
相关问题
最新问题