Image for Database Columns from Workbench here
事先感谢所有在此处审核并回答我的问题的人。 我正在一个网站上工作,我需要为我的注册访问者制作一个仪表板,以便他们可以查看和编辑他们的个人资料信息。但是,我的代码遇到了一些问题。 当用户提交对其配置文件的更改时,服务器更新存储在MySQL表中的信息,并通知用户该信息已更新。 在外面,它似乎顺利运作。当我上传个人资料照片或设置新名称或设置新的电子邮件地址时,它会显示“已成功更新”。但是,当我检查“实际”数据库条目(使用Workbench)时,我发现绝对没有任何更新。
P.S。我已经在http://phpcodechecker.com检查了我的源代码中的错误。我的MySQL连接正常工作(因为我在其他php文件中也使用了相同的片段)。
P.P.S(如果有必要的话)我使用Windows 10 64位和PHP 7与IIS 10服务器和MySQL Workbench for Windows版本6.2.4(64位)
源代码: 的 edit_profile.php
<?php
ob_start();
session_start();
require('./functions.php');
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$name = $_POST["name"];
$email = $_POST["email"];
$user_id = $_SESSION["user_id"];
$profile_picture = $_POST["profile_picture"];
echo 'Changing Contents of your profile..';
if ($name != $_SESSION["name"]) {
if (setUserName($user_id, $name)) {
echo 'Successfully changed User Name.<br/>';
} else {
echo 'Unsuccessful';
}
}
if ($email != $_SESSION["email"] && $email != "") {
if (setEmail($user_id, $email)) {
echo 'Successfully changed Email.<br/>';
} else {
echo 'Unsuccessful';
}
}
if ($profile_picture != getProfilePicture_base64_encoded($user_id) && $profile_picture != "") {
if (setProfilePicture_base64_encoded($user_id, $profile_picture)) {
echo 'Successfully changed Profile Picture.<br/>';
} else {
echo 'Unsuccessful';
}
}
} else {
?>
<!DOCTYPE html>
<html>
<head>
<title>StoryDorado | Edit Profile</title>
<meta name="theme-color" content="">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="robots" content="nocache,noarchive,nofollow,nosnippet">
<meta name="Description" content="">
<meta name="keywords" content="">
</head>
<body>
<form action="edit_profile.php" method="post" enctype="multipart/form-data">
Set New Profile Picture (Max. 15 MB): <input name="profile_picture" id="profile_picture" accept="image/JPEG" type="file"><br/>
Set User Name: <input type="text" name="name" id="name"><br/>
Set New E-mail:<input type="text" name="email" id="email"><br/>
<input type="submit" value="submit" name="submit" />
</form>
<br/>
<div id="Current_Info" style="display:block;">
<pre>
Your Current Information:
1.Profile Picture:
<?php
$profile_picture = getProfilePicture_base64_encoded($_SESSION["user_id"]);
if ($profile_picture === NULL) {
echo '<img src="default.jpg" />';
} else {
echo '<img src="data:image/jpeg;base64,' . $profile_picture . '" />';
}
?><br/>
2. User Name:
<?php echo $_SESSION["name"]; ?><br/>
3. E-Mail:
<?php
if ($_SESSION["email"] != "") {
echo $_SESSION["email"];
} else {
echo 'Not Provided';
}
?>
</pre>
</div>
</body>
</html>
<?php
}
?>
和functions.php位于同一个文件夹
<?php
function encrypt_password($password) {
$cost = 10;
$salt = strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.');
$salt = sprintf("$2a$%02d$", $cost) . $salt;
$hash = crypt($password, $salt);
return $hash;
}
function check_user($user_id, $password) {
$conn = new mysqli("localhost", "root", "", "login_system") or die("Connection Failed:" . $conn->connect_error);
$query = "SELECT * FROM users";
$list = $conn->query($query);
$result = false;
while ($row = $list->fetch_assoc()) {
if ($user_id == $row["user_id"] && $row["subscription_code"] != 0 && hash_equals($row["subscription_code"], crypt($password, $row["subscription_code"]))) {
$result = true;
}
}
$conn->close();
return $result;
}
function getProfilePicture_base64_encoded($user_id) {
$conn = new mysqli("localhost", "root", "", "login_system") or die("Connection Failed:" . $conn->connect_error);
$query = "SELECT * FROM users WHERE user_id='" . $user_id . "'";
$list = $conn->query($query);
$image = null;
while ($row = $list->fetch_assoc()) {
$image = $row["profile_picture"];
}
$conn->close();
return $image;
}
function setProfilePicture_base64_encoded($user_id, $picture) {
$picture = base64_encode($picture);
$conn = new mysqli("localhost", "root", "", "login_system") or die("Connection Failed:" . $conn->connect_error);
$query = "UPDATE users SET profile_picture='" . $picture . "' WHERE user_id='" . $user_id . "';";
$result = false;
if ($conn->query($query) === TRUE) {
$result = true;
}
$conn->close();
return $result;
}
function setUserName($user_id, $name) {
$conn = new mysqli("localhost", "root", "", "login_system") or die("Connection Failed:" . $conn->connect_error);
$query = "UPDATE users SET name='" . $name . "' WHERE user_id='" . $user_id . "';";
$result = false;
if ($conn->query($query) === TRUE) {
$result = true;
}
$conn->close();
return $result;
}
function setPassword($user_id, $password) { //WARNING: Be Cautious About When You Let A User Change His Password
$password = encrypt_password($password);
$conn = new mysqli("localhost", "root", "", "login_system") or die("Connection Failed:" . $conn->connect_error);
$query = "UPDATE users SET subscription_code='" . $password . "' WHERE user_id='" . $user_id . "';";
$result = false;
if ($conn->query($query) === TRUE) {
$result = true;
}
$conn->close();
return $result;
}
function setEmail($user_id, $email) {
$conn = new mysqli("localhost", "root", "", "login_system") or die("Connection Failed:" . $conn->connect_error);
$query = "UPDATE users SET email='" . $email . "' WHERE user_id='" . $user_id . "';";
$result = false;
if ($conn->query($query) === TRUE) {
$result = true;
}
$conn->close();
return $result;
}
function UnRegister($user_id) { //WARNING: Be Cautious About This. Changes are not reversible. Provide proper sure-checking to end users.
$conn = new mysqli("localhost", "root", "", "login_system") or die("Connection Failed:" . $conn->connect_error);
$query = "DELETE FROM users WHERE user_id='" . $user_id . "';";
$result = false;
if ($conn->query($query) === TRUE) {
$result = true;
}
$conn->close();
return $result;
}
function validate($data) {
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
这可能是什么原因?以及如何解决它?
编辑:
我运行了我在MySQL Workbench上面的函数中使用的相同查询。有一个错误!它说 : 执行:
UPDATE `login_system`.`users` SET `name`='Rojaxius' WHERE `user_id`='facebook000000000';
ERROR 1175: 1175: You are using safe update mode and you tried to update a table without a WHERE that uses a KEY column
SQL Statement:
UPDATE `login_system`.`users` SET `name`='Mr Who' WHERE `user_id`='facebook000000000'
Operation failed: There was an error while applying the SQL script to the database.
那是什么意思?
答案 0 :(得分:0)
谢谢大家花时间在我的问题上。没有咨询过你,我找不到答案。但是你的见解揭示了很多,我终于找到了为什么这些陈述不起作用。这只是因为我的数据库中的user_id列未设置为UNIQUE。因此,在安全模式下,WHERE子句对程序没有任何意义,因为它无法确定是否有2个相同的user_id条目。因此存在问题。现在已经修好了。我决定分享这个答案,以防其他人陷入困境,浪费12个小时:)
谢谢你们所有人。
<Happy Coding/>