PHP中的密码更新

时间:2017-10-15 06:11:22

标签: php sql

我试图制作一个用户可以更改密码的功能。不幸的是,即使我向数据库输入新密码,我的代码也无法正常工作,但它仍然不会改变。

这是html表单:

        <form action="SettingsDir.php" method="POST" >

            Change Password : <br>
            Username : <input type="text" name="uid" placeholder="Username">

            Password : <input type="password" name="pwd" 
            placeholder="Password"><br>

            New Password: <input type="password" name="npwd" 
            placeholder="New Password"><br>

            <button type="submit" name="submit"> Apply </button>
            <a href="HomePage.php"><button>Back</button></a>

这是逻辑:

    <?php
    session_start();
    if (isset($_POST['submit'])) {

include 'dbh.php';

$uid = mysqli_real_escape_string($conn, $_POST['uid']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
$npwd = mysqli_real_escape_string($conn, $_POST['npwd']);

if(empty($uid) || empty($pwd) || empty($npwd)){
    echo "<SCRIPT type='text/javascript'> //not showing me this
            alert('Please input your Credentials ! ');
            window.location.replace(\"Settings.php?\");
        </SCRIPT>";
}else{
    $sql = "SELECT * FROM user WHERE username='$uid' OR email='$uid'";
    $result = mysqli_query($conn, $sql);
    $resultCheck = mysqli_num_rows($result);

    if ($resultCheck < 1) {
        echo "<SCRIPT type='text/javascript'> //not showing me this
            alert('There's no said username in the database! ');
            window.location.replace(\"Settings.php?\");
        </SCRIPT>";
        exit();
    }else{
        if ($row = mysqli_fetch_assoc($result)) {
            $hashedPwdCheck = password_verify($pwd, $row['password']);
            if ($hashedPwdCheck == false) {
                echo "<SCRIPT type='text/javascript'> //not showing me this
                        alert('Please check your Password! ');
                        window.location.replace(\"Settings.php?\");
                    </SCRIPT>";
                exit();
            }else{
                $newpassword = "UPDATE user SET pwd = '$npwd' WHERE username = $uid";
                        mysqli_query($newpassword);
                    echo "<SCRIPT type='text/javascript'> //not showing me this
                        alert('Success, Please Login to verify! ');
                        window.location.replace(\"Login.php?\");
                         </SCRIPT>";
            }
           }
          }

        }
   }else{
    echo "<SCRIPT type='text/javascript'> //not showing me this
        alert('Error! ');
        window.location.replace(\"Settings.php?\");
       </SCRIPT>";
      exit();
        }

dbh.php是我的数据库和我的代码之间的连接。 请帮帮我

0 个答案:

没有答案