我的编程遇到2个问题。 1)无法在mysql db中更新密码。
change_password.php
<?php
session_start();
require_once 'class.user.php';
$user_home = new USER();
?>
<!doctype html public "-//w3c//dtd html 3.2//en">
<html>
<head>
<title>(Type a title for your page here)</title>
</head>
<body>
<?Php
///////Collect the form data /////
if(isset($_POST['btn-signup']))
{
$password=$_POST['password'];
$password2=$_POST['password2'];
$old_password=$_POST['old_password'];
/////////////////////////
$stmt = $user_home->runQuery("SELECT * FROM registered_users WHERE userID=:uid");
$stmt->execute(array(":uid"=>$_SESSION['userSession']));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($row['password']<>md5($old_password)){
echo"Your old password is not matching as per our record.<BR>";
echo"no same pass";
}
if ( $password <> $password2 ){
$msg=$msg."Both passwords are not matching<BR>";
echo "new pass not same";
$password=md5($password);
$stmt = $this->conn->prepare("UPDATE registered_users SET password=:password where email:email");
$stmt->bindparam(":password",$password);
if($stmt->execute()){
echo "<font face='Verdana' size='2' ><center>Thanks <br> Your password changed successfully. Please keep changing your password for better security</font></center>";
}else{echo "<center>Sorry <br> Failed to change password Contact Site Admin</font></center>";
} // end of if else if updation of password is successful
} // end of if else todo
}
?>
</body>
<form method="post">
<input type="password" name="old_password" placeholder="old pass" />
<input type="password" name="password" placeholder="opassword" />
<input type="password" name="password2" placeholder="password2" />
<button class="btn btn-large btn-primary" type="submit" name="btn-signup">Sign Up</button>
</form>
</html>
输出
Your old password is not matching as per our record.
no same pass
old pass <Text fill>
password <Text fill>
password2 <Text fill>
Sign Up <button>
2)如何在注册页面插入确认密码。 用户将再次输入相同的密码可以检查它是否相同 SignUP.php
<?php
session_start();
require_once 'class.user.php';
$reg_user = new USER();
if($reg_user->is_logged_in()!="")
{
$reg_user->redirect('index.php');
}
if(isset($_POST['btn-signup']))
{
$salutation = $_POST['salutation'];
$fullName = $_POST['fullName'];
$nric = $_POST['nric'];
$gender = $_POST['gender'];
$dateOfBirth = $_POST['dateOfBirth'];
$mobileNumber = $_POST['mobileNumber'];
$email = $_POST['email'];
$password = $_POST['password'];
$address = $_POST['address'];
$postalCode = $_POST['postalCode'];
$serialNumber = md5(uniqid(rand()));
$stmt = $reg_user->runQuery("SELECT * FROM registered_users WHERE email=:email_id");
$stmt->execute(array(":email_id"=>$email));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() > 0)
{
$msg = "
<div class='alert alert-error'>
<button class='close' data-dismiss='alert'>×</button>
<strong>Sorry !</strong> email allready exists , Please Try another one
</div>
";
}
else
{
if($reg_user->register($salutation,$fullName,$nric,$gender,$dateOfBirth,$mobileNumber,$email,$password,$address,$postalCode,$serialNumber))
{
$id = $reg_user->lasdID();
$key = base64_encode($id);
$id = $key;
$message = "
Dear $salutation $fullName,
<br /><br />
Thank You for registering with us!<br/>
To complete your registration please , just click following link<br/>
<br /><br />
<a href='http://localhost:8080/xampp/bicycleTheft/test5/php/verify.php?id=$id&serialNumber=$serialNumber'>Click HERE to Activate :)</a>
<br /><br />
Thanks,<br/>
<br />
Site Admin";
$subject = "Confirm Registration";
$reg_user->send_mail($email,$message,$subject);
$msg = "
<div class='alert alert-success'>
<button class='close' data-dismiss='alert'>×</button>
<strong>Success!</strong> We've sent an email to $email.
Please click on the confirmation link in the email to create your account.
</div>
";
}
else
{
echo "sorry , query could no execute. Pleae go to nearest NPC to register.";
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Signup</title>
<!-- Bootstrap CSS -->
<link href="../css/bootstrap.min.css" rel="stylesheet">
<link href="../css/bootstrap-theme.min.css" rel="stylesheet">
<link rel="stylesheet" href="../css/NewFile.css" type="text/css">
</head>
<body>
<script src="../js/jquery-1.12.3.min.js"></script>
<script src="../js/bootstrap.min.js"></script>
<?php include 'navBar.php'; ?>
<?php if(isset($msg)) echo $msg; ?>
<div class="padding">
<form class="form-signin" method="post">
<h2 class="form-signin-heading">Sign Up</h2><hr />
<table>
<tr>
<td>Salutation</td>
<td><select name="salutation">
<option value="Dr">Dr</option>
<option value="Mr">Mr</option>
<option value="Mrs">Mrs</option>
<option value="Ms">Ms</option>
<option value="Madam">Madam</option>
</select>
</td>
</tr>
<tr>
<td>Full Name (as in NRIC):</td>
<td><input type="text" class="input-block-level" placeholder="Full Name" name="fullName" required /></td>
</tr>
<tr>
<td>NRIC:</td>
<td><input type="text" class="input-block-level" placeholder="S1234567A" name="nric" required /></td>
</tr>
<tr>
<td>Gender:</td>
<td><input type="radio" name="gender" value="Male">Male
<input type="radio" name="gender" value="Female">Female</td>
</tr>
<tr>
<td>Date Of Birth:</td>
<td><input type="date" class="input-block-level" name="dateOfBirth" required /></td>
</tr>
<tr>
<td>Mobile Nume:</td>
<td><input type="text" class="input-block-level" placeholder="91234567" name="mobileNumber" required /></td>
</tr>
<tr>
<td>Email Address:</td>
<td><input type="email" class="input-block-level" placeholder="ABC@example.com" name="email" required /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" class="input-block-level" placeholder="password" name="password" required /></td>
</tr>
<tr>
<td>Address:</td>
<td><input type="text" class="input-block-level" placeholder="address" name="address" required /></td>
</tr>
<tr>
<td>Postal Code:</td>
<td><input type="text" class="input-block-level" placeholder="postalcode" name="postalCode" required /></td>
</tr>
</table>
<button class="btn btn-large btn-primary" type="submit" name="btn-signup">Sign Up</button>
</form>
</div>
</body>
</html>
class.user.php
<?php
require_once 'dbconfig.php';
class USER
{
private $conn;
public function __construct()
{
$database = new Database();
$db = $database->dbConnection();
$this->conn = $db;
}
public function runQuery($sql)
{
$stmt = $this->conn->prepare($sql);
return $stmt;
}
public function lasdID()
{
$stmt = $this->conn->lastInsertId();
return $stmt;
}
public function register($salutation,$fullName,$nric,$gender,$dateOfBirth,$mobileNumber,$email,$password,$address,$postalCode,$serialNumber)
{
try
{
$password = md5($password);
$stmt = $this->conn->prepare("INSERT INTO registered_users(salutation,fullName,nric,gender,dateOfBirth,mobileNumber,email,password,address,postalCode,serialNumber)
VALUES(:salutation,:fullName,:nric,:gender,:dateOfBirth,:mobileNumber,:email,:password,:address,:postalCode,:serialNumber)");
$stmt->bindparam(":salutation",$salutation);
$stmt->bindparam(":fullName",$fullName);
$stmt->bindparam(":nric",$nric);
$stmt->bindparam(":gender",$gender);
$stmt->bindparam(":dateOfBirth",$dateOfBirth);
$stmt->bindparam(":mobileNumber",$mobileNumber);
$stmt->bindparam(":email",$email);
$stmt->bindparam(":password",$password);
$stmt->bindparam(":address",$address);
$stmt->bindparam(":postalCode",$postalCode);
$stmt->bindparam(":serialNumber",$serialNumber);
$stmt->execute();
return $stmt;
}
catch(PDOException $ex)
{
echo $ex->getMessage();
}
}
public function registerBike($userID,$typeOfBike,$brand,$model,$colour,$remarks,$serialNumber,$final_file,$folder)
{
try
{
$stmt = $this->conn->prepare("INSERT INTO bike_tbl (userID,typeOfBike,brand,model,colour,remarks,serialNumber,file,location)
VALUES(:userID,:typeOfBike,:brand,:model,:colour,:remarks,:serialNumber,:file,:location)");
$stmt->bindparam(":userID",$userID);
$stmt->bindparam(":typeOfBike",$typeOfBike);
//$stmt->bindparam(":otherBike",$otherBike);
$stmt->bindparam(":brand",$brand);
$stmt->bindparam(":model",$model);
$stmt->bindparam(":colour",$colour);
//$stmt->bindparam(":usedBike",$usedBike);
$stmt->bindparam(":remarks",$remarks);
$stmt->bindparam(":serialNumber",$serialNumber);
$stmt->bindparam(":file",$final_file);
$stmt->bindparam(":location",$folder);
$stmt->execute();
return $stmt;
}
catch(PDOException $ex)
{
echo $ex->getMessage();
}
}
public function updateUser($fullName,$mobileNumber,$password,$address,$postalCode,$email)
{
try
{
$password = md5($password);
$stmt = $this->conn->prepare("UPDATE registered_users SET fullName=:fullName,mobileNumber=:mobileNumber,password=:password,address=:address,postalCode=:postalCode WHERE email=:email");
// $stmt->execute(array(":email"=>$email));
// $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
$stmt->bindparam(":email",$email);
$stmt->bindparam(":fullName",$fullName);
$stmt->bindparam(":mobileNumber",$mobileNumber);
$stmt->bindparam(":password",$password);
$stmt->bindparam(":address",$address);
$stmt->bindparam(":postalCode",$postalCode);
$stmt->execute();
return $stmt;
}
catch(PDOException $ex)
{
echo $ex->getMessage();
}
}
public function login($email,$password)
{
try
{
$stmt = $this->conn->prepare("SELECT * FROM registered_users WHERE email=:email_id");
$stmt->execute(array(":email_id"=>$email));
$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() == 1)
{
if($userRow['userStatus']=="Y")
{
if($userRow['password']==md5($password))
{
$_SESSION['userSession'] = $userRow['userID'];
return true;
}
else
{
header("Location: index.php?error1");
exit;
}
}
else
{
header("Location: index.php?inactive");
exit;
}
}
else
{
header("Location: index.php?error2");
exit;
}
}
catch(PDOException $ex)
{
echo $ex->getMessage();
}
}
public function chgpass($currentPassword,$newPassword)
{
try
{
$stmt = $this->conn->prepare("SELECT * FROM registered_users WHERE email=:email_id");
$stmt->execute(array(":email_id"=>$email));
$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() == 1)
{
if($userRow['userStatus']=="Y")
{
if($userRow['password']==md5($currentPassword))
{
$_SESSION['userSession'] = $userRow['userID'];
$stmt = $this->conn->prepare("UPDATE registered_users SET password=:newPassword WHERE email=:email");
$stmt->bindparam(":newPassword",$newPassword);
return true;
}
else
{
header("Location: index.php?error1");
exit;
}
}
else
{
header("Location: index.php?inactive");
exit;
}
}
else
{
header("Location: index.php?error2");
exit;
}
}
catch(PDOException $ex)
{
echo $ex->getMessage();
}
}
public function is_logged_in()
{
if(isset($_SESSION['userSession']))
{
return true;
}
}
public function redirect($url)
{
header("Location: $url");
}
public function logout()
{
session_destroy();
$_SESSION['userSession'] = false;
}
function send_mail($email,$message,$subject)
{
require_once('../mailer/class.phpmailer.php');
$mail = new PHPMailer();
$mail->IsSMTP();
$mail->SMTPDebug = 0;
$mail->SMTPAuth = true;
$mail->SMTPSecure = "ssl";
$mail->Host = "smtp.gmail.com";
$mail->Port = 465;
$mail->AddAddress($email);
$mail->Username="ABTMP16@gmail.com";
$mail->Password="antibicycletheft16";
$mail->SetFrom('ABTMP16@gmail.com','Muahammed Ashik');
$mail->AddReplyTo("ABTMP16@gmail.com","Reply");
$mail->Subject = $subject;
$mail->MsgHTML($message);
$mail->Send();
}
}
?>
答案 0 :(得分:0)
您没有绑定第二个参数:email。
更正的答案:
$stmt = $this->conn->prepare("UPDATE registered_users SET password=:password where email:email");
$stmt->bindparam(":password",$password);
$stmt->bindparam(":email",$email); // This line was missing.