Question

`密码正在以空值更新！旧密码替换为空值!!

$email = $_POST['email'];
$password = $_POST['password']; //old password
$new = $POST['new'];  //new password

//table name is users
    $stmt = $db->prepare("SELECT * FROM users WHERE email=:email_id");  
//checking email and password   
    $stmt->execute(array(":email_id"=>$email));
    $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
    if(($userRow['email'] === $email)&&($userRow['password'] === $password))
    {    
        $doneQuery = $db->prepare("
        UPDATE users 
        SET password = :new   
        WHERE email = :emailid" );                                  
        $doneQuery->execute([":newPassword"=>$new,
                        ":emailid"=>$email]);
}

Answer 1

您正在使用$ newpassword更新数据库，但是您在顶部将其声明为$ new，这意味着if是一个空变量并将其输入为空你也错过了帖子的得分所以改变

$new = $POST['new'];

到

$newPassword = $_POST['new'];


$email = $_POST['email']; $password = $_POST['password']; //old password         $newPassword= $_POST['new']; //new password //table name is users $stmt = $db->prepare("SELECT * FROM users WHERE email=:email_id"); //checking email and password $stmt->execute(array(":email_id"=>$email)); $userRow=$stmt->fetch(PDO::FETCH_ASSOC); if(($userRow['email'] === $email)&&($userRow['password'] === $password)) { $doneQuery = $db->prepare(" UPDATE users SET password = :newPassword WHERE email = :emailid" ); $doneQuery->execute([":newPassword"=>$new, ":emailid"=>$email]); }

我换了（$ newPassword到$ new），仍然是数据库中的空！ :(，

1 个答案: