如何将表单值传递给ChangePassword.php？

Question

我想用javascript函数检查数据的有效性后，将oldPassword，newPassword，newPasswordAgain值传递给ChangePassword.php。这是表单和javascript：

<?php
session_start();
?>

<!DOCTYPE html>
<html>
    <head>
        <link rel="stylesheet" type="text/css" href="../style/style.css">
    </head>
    <body>
        <div class="navbar">
            <ul>
                <li><a href="../Pages/Main.php">Home</a></li>
                <li><a href="../Pages/Rules.php">Rules</a></li>
                <li><a href="../Pages/Builds.php">Builds</a></li>
                <li><a href="../Pages/Events.php">Events</a></li>
                <li><a href="../Pages/Calendar.php">Calendar</a></li>
                <li style="float:right"><a class="active" href="../Pages/UserSettings.php"><?php echo $_SESSION["username"]; ?></a></li>
            </ul>
        </div>

        <div class="changepasswd_bg">
            <div class="absolute">

                <form name="changePasswordForm"   method=POST action="../Pages/ChangePassword.php"  onsubmit="return validateForm()">
                    <input  type="password" name="oldPassword"  placeholder="Old password" size="100"><br>
                    <input  type="password" name="newPassword"  placeholder="New password" size="100"><br>
                    <input  type="password" name="newPasswordAgain"  placeholder="New password again" size="100"><br>
                    <input type="submit" value="Change" size="70">

                </form>

                <h2 id="output"></h2><br>
                <h2 id="debug"></h2>
            </div>

        </div>

        <script>
            function validateForm() {

                var oldX = document.forms["changePasswordForm"]["oldPassword"].value;
                var newX = document.forms["changePasswordForm"]["newPassword"].value;
                var newXAgain = document.forms["changePasswordForm"]["newPasswordAgain"].value;

                //ki kell tölteni a mezőket
                if (oldX === null || oldX === "" || newX === null || newX === "" || newXAgain === null || newXAgain === "") {
                    document.getElementById("output").innerHTML = "All field need to fill";
                    document.getElementById("debug").innerHTML = masterPass;
                    return false;
                } // a régi passwordnek a megadottal egyezni kell 
                else if ('<?php echo $_SESSION["password"] ?>'.toString() !== oldX.toString()) {
                    document.getElementById("output").innerHTML = "The original passwords are not matches";
                    return false;
                } else if (newX !== newXAgain) {
                    document.getElementById("output").innerHTML = "The new passwords are not matches";
                    return false;
                } else {

                    document.getElementById("output").innerHTML = "OK";
                    return true;
                }
            }
        </script>


    </body>

</html>

这是ChangePassword.php：

<?php
session_start();
?>

<!DOCTYPE html>

<?php
include '../Database/Connect.php';

$oldPassword = $_GET["oldPassword"];
$newPassword = $_GET["newPassword"];
$newPasswordAgain = $_GET["newPasswordAgain"];
if (strlen($oldPassword) == 0 || strlen($newPassword) == 0 || strlen($newPasswordAgain) == 0) {
    echo "valamelyik 0 hosszu";
    echo $_SESSION["password"] . " " . $oldPassword . " " . $newPassword . "  " . $newPasswordAgain;
    //header("Location: ../Pages/SomethingWrong.php");
} else if ($_SESSION["password"] !== $oldPassword) {
    echo "a session és az ild password nem egyezik";
    echo $_SESSION["password"] . " " . $oldPassword . " " . $newPassword . "  " . $newPasswordAgain;
    // header("Location: ../Pages/SomethingWrong.php");
} else if ($newPassword !== $newPasswordAgain) {
    echo "a két password nem egyezik";
    echo $_SESSION["password"] . " " . $oldPassword . " " . $newPassword . "  " . $newPasswordAgain;
    // header("Location: ../Pages/SomethingWrong.php");
} else {
    echo "minden ok " . $_SESSION["password"] . " " . $oldPassword . " " . $newPassword . "  " . $newPasswordAgain;

}
?>

结果是这些错误:(我也无法在标题上看到变量值。例如：http://ChangePassword.php?name=value ......等）

  

注意：未定义的索引：oldPassword in   第10行的D：\ apache \ htdocs \ Pages \ ChangePassword.php

     

注意：未定义的索引：newPassword in   第11行的D：\ apache \ htdocs \ Pages \ ChangePassword.php

     

注意：未定义的索引：newPasswordAgain in   第12行的D：\ apache \ htdocs \ Pages \ ChangePassword.php

valamelyik 0 hosszuEzredes123

Answer 1

你使用$ _GET，但你的方法是post。所以把它改成$ _POST

Answer 2

您需要为您的方案使用$_POST

$oldPassword = $_POST["oldPassword"];
$newPassword = $_POST["newPassword"];
$newPasswordAgain = $_POST["newPasswordAgain"];

传递敏感信息：

通过Internet传递敏感信息时使用SSL套接字会更安全。

有关详细信息，请参阅Stack上的以下内容：

• password sent via post secure?
• Is either GET or POST more secure than the other?