告诉我哪里错了。我在PHP页面中编写了一个PHP程序,我正在使用用户的旧密码和新密码。我的程序运行良好,但它没有捕获用户旧的和新的密码差异意味着,如果用户输入旧密码" abc456 $%^"并在新密码用户再次写入相同的密码新密码" abc456 $%^"在这个过程中,系统应该通过旧密码告知用户"新密码"但是在我的程序系统中接受用户新密码并且没有通知用户。
这是我的PHP代码告诉我哪里错了:
<?php
session_start();
// if ($_SESSION['user_name'] != "")
// {
// header("location:account.php");
// }
include('connection.php');
// header("Refresh: 20; URL=welcome.php");
// header("Refresh: 20; URL=http://www.stackoverflow.com/");
if(isset($_POST['submit']))
{
$old_password = $_POST['old_password'];
$new_password = $_POST['new_password'];
$query = $con->prepare("select password from tbl_users WHERE id = :user_id");
$query->bindParam(':user_id', $_SESSION['id']);
$query->setFetchMode(PDO::FETCH_ASSOC);
$query->execute();
$fetch = $query->fetch();
$old_pass = $fetch['password'];
if($old_password == $new_password)
{
$error = "<div class='text-danger text-center'>New password should be different with old password</div>";
}
else{
$select = $con->prepare("select password from tbl_users where user_name ='$user_name'");
$select->setFetchMode(PDO::FETCH_ASSOC);
$select->execute();
}
if($old_password == $old_pass){
$stmt = $con->prepare("UPDATE tbl_users SET password = (:pass) WHERE id = :user_id");
$stmt->bindParam(':pass', $new_password, PDO::PARAM_STR);
$stmt->bindParam(':user_id', $_SESSION['id']);
// $stmt->execute();
$stmt->execute();
header("location:account.php");
}
else
{
echo "<script>alert('Wrong password! Enter your valid old password')</script>";
}
}
?>
这是HTML代码
<!DOCTYPE html>
<html>
<head>
<title>project</title>
<link rel="stylesheet" type="text/css" href="css/bootstrap.min.css">
<link rel="stylesheet" type="text/css" href="registration.css">
<script type="text/javascript" src="js/bootstrap.min.js"></script>
<script type="text/javascript" src="js/jquery-3.2.1.min.js"></script>
</head>
<body>
<header><h1>Change Password</h1></header>
<form method="post" action="renew.php">
<?php if(isset($error)) { echo $error; } ?>
<br />
<input type="password" id="pwd2" placeholder="Enter your old password" name="old_password" required />
<br />
<input type="password" id="pwd1" placeholder="Enter your new password" name="new_password" required />
<center>
<!-- <div class="form-group"> -->
<div id="setPasswordMessage" style="display: none;"></div>
<!-- </div> -->
</center>
<br />
<div class="buttons">
<input type="submit" disabled="submit" class="btn" name="submit" value="Save">
</div>
<br />
</form>
<footer><h3>Copyright © vu.edu.pk (S1701F607E)</h3></footer>"
"<script type="text/javascript">
$(document).ready(function() {
var pwd1 = $('#pwd1'); //id of first password field
var pwd2 = $('#pwd2'); //id of second password field
var pwdIdSet = $('#setPasswordMessage'); //id of indicator element
setCheckPasswordStrength(pwd1,pwd2,pwdIdSet); //call password check function
});
function setCheckPasswordStrength(pwd1, pwd2, pwdIdSet)
{
/*=========== Start: Set Password Cretria Regular Expression ===================*/
//Password must contain 5 or more characters
var lowPassword = /(?=.{5,}).*/;
//Password must contain at least one digit and lower case letters .
var mediumPassword = /^(?=\S*?[a-z])(?=\S*?[0-9])\S{5,}$/;
//Password must contain at least one digit, one upper case letter and one lower case letter.
var averagePassword = /^(?=\S*?[A-Z])(?=\S*?[a-z])(?=\S*?[0-9])\S{5,}$/;
//Password must contain at least one digit, one upper case letter and one lower case letter.
var strongPassword = /^(?=\S*?[A-Z])(?=\S*?[a-z])(?=\S*?[0-9])(?=\S*?[^\w\*])\S{5,}$/;
/*=========== End: Set Password Cretria Regular Expression ===================*/
// test() method is used to test match in a string whether the value is matched in a string or not.
$(pwd1).on('keyup', function(e) {
var len = $('#pwd1').val().length;
document.getElementById("setPasswordMessage").style.display="block";
if(strongPassword.test(pwd1.val()))
{
pwdIdSet.removeClass().addClass('strongPassword').html("Strong! Please use this password!").css("display","block");
$(':input[type="submit"]').prop('disabled', false);
}
else if(averagePassword.test(pwd1.val()))
{
pwdIdSet.removeClass().addClass('averagePassword').html("Average! Tips: Enter special characters to make even stronger").css("display","block");
$(':input[type="submit"]').prop('disabled', true);
}
else if(mediumPassword.test(pwd1.val()))
{
pwdIdSet.removeClass().addClass('mediumPassword').html("Good! Tips: Enter uppercase letter to make strong").css("display","block");
$(':input[type="submit"]').prop('disabled', true);
}
else if(lowPassword.test(pwd1.val()))
{
pwdIdSet.removeClass().addClass('stilllowPassword').html("Still Weak! Tips: Enter digits to make good password").css("display","block");
$(':input[type="submit"]').prop('disabled', true);
}
else if(len < 1)
{
pwdIdSet.removeClass('lowPassword');
$('#setPasswordMessage').css("display","none");
$(':input[type="submit"]').prop('disabled', true);
}
else
{
pwdIdSet.removeClass().addClass('lowPassword').html("Very Weak! Please use 5 or more chars password)").css("display","block");
$(':input[type="submit"]').prop('disabled', true);
}
});
// $(pwd2).on('keyup', function(e) {
// if(pwd1.val() !== pwd2.val())
// {
// pwdIdSet.removeClass().addClass('lowPassword').html("Passwords do not match!");
// }else{
// pwdIdSet.removeClass().addClass('goodpass').html("Passwords match!");
// }
// });
}
</script>
</body>
</html>