数据未插入mysql / php

时间:2018-02-04 08:14:08

标签: php mysql phpmyadmin

我想在mysql Db中更改密码。这是userChangePassword.php文件

<?php
require_once '../include/db_operations.php';

$response = array();

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (isset($_POST['username']) and isset($_POST['password'])) {
        $db = new DbOperations();
        if ($db->changePassword($_POST['username'], $_POST['password'])) {
            $response['error'] = false;
            $response['message'] = "Change Password Successfully";

            // go to dboperation

        } else {
            $response['error'] = true;
            $response['message'] = "Password not changed";
        }
    } else {
        $response['error'] = true;
        $response['message'] = "Fill all the feilds";
    }
} else {
    $response['error'] = true;
    $response['message'] = "Invalid Request";
}

echo json_encode($response);

此文件是db_Operations.php,包含在数据库中更改密码的功能 方法工作正常,但数据库中的密码未更改,但消息显示“已成功更改密码”

<?php
class DbOperations
{
    private $con;
    function __construct()
    {
        require_once dirname(__FILE__) . '/db_connected.php';

        $db = new DbConnect();
        $this->con = $db->connect();
    }

    public function userLogin($username, $pass)
    {
        $password = $pass;
        $stm = $this->con->prepare("SELECT id FROM student WHERE username = ? AND password = ? ");
        $stm->bind_param("ss", $username, $password);
        $stm->execute();
        $stm->store_result();
        return $stm->num_rows > 0;
    }

    public function getUserByUserName($username)
    {
        $stm = $this->con->prepare("SELECT * FROM student WHERE username = ?");
        $stm->bind_param("s", $username);
        $stm->execute();
        return $stm->get_result()->fetch_assoc();
    }

    /*For insertion*/
    public function createUser($username, $pass, $email)
    {
        $password = $pass;
        $stm = $this->con->prepare("INSERT INTO `student` (`id`, `username`, `password`, `email`) VALUES (NULL, ?, ?, ?);");
        $stm->bind_param("sss", $username, $password, $email);
        if ($stm->execute()) {
            return true;
        } else {
            return false;
        }
    }

    // for change password

    public function changePassword($username, $pass)
    {
        $password = $pass;
        $stm = $this->con->prepare("UPDATE student SET password = ? WHERE username = ? ;");
        $stm->bind_param("ss", $username, $password);
        if ($stm->execute()) {
            return true;
        } else {
            return false;
        }
    }
}

输出是:

{"error":false,"message":"Change Password Successfully"}

所有其他方法和查询都很好,只有changedPassword()方法表现不佳。

这些是数据库中使用的参数:

enter image description here

1 个答案:

答案 0 :(得分:0)

错误是按

中绑定的参数顺序排列的 
$stm->bind_param("ss",$username,$password);

这意味着第一个?将替换为$username,第二个?将替换为$password。当然,这不是你需要的。所以,解决方案是:

$stm->bind_param("ss", $password, $username);

作为旁注:从不将普通密码存储在数据库中。相关主题here

相关问题
最新问题