我换了($ newPassword到$ new),仍然是数据库中的空! :(,

时间:2016-01-21 16:45:24

标签: php pdo

  

`密码正在以空值更新!旧密码替换为空值!!

$email = $_POST['email'];
$password = $_POST['password']; //old password
$new = $POST['new'];  //new password

//table name is users
    $stmt = $db->prepare("SELECT * FROM users WHERE email=:email_id");  
//checking email and password   
    $stmt->execute(array(":email_id"=>$email));
    $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
    if(($userRow['email'] === $email)&&($userRow['password'] === $password))
    {    
        $doneQuery = $db->prepare("
        UPDATE users 
        SET password = :new   
        WHERE email = :emailid" );                                  
        $doneQuery->execute([":newPassword"=>$new,
                        ":emailid"=>$email]);
}

1 个答案:

答案 0 :(得分:1)

您正在使用$ newpassword更新数据库,但是您在顶部将其声明为$ new,这意味着if是一个空变量并将其输入为空 你也错过了帖子的得分 所以改变

$new = $POST['new'];

$newPassword = $_POST['new'];


$email = $_POST['email']; $password = $_POST['password']; //old password         $newPassword= $_POST['new']; //new password //table name is users $stmt = $db->prepare("SELECT * FROM users WHERE email=:email_id"); //checking email and password $stmt->execute(array(":email_id"=>$email)); $userRow=$stmt->fetch(PDO::FETCH_ASSOC); if(($userRow['email'] === $email)&&($userRow['password'] === $password)) { $doneQuery = $db->prepare(" UPDATE users SET password = :newPassword WHERE email = :emailid" ); $doneQuery->execute([":newPassword"=>$new, ":emailid"=>$email]); }