PHP用html和php创建密码重置功能

时间:2018-02-23 16:15:30

标签: php html mysql

我是PHP新手我正在制作测试管理面板,我想通过html和php 5.6添加密码重置

我不希望包含将链接发送给某人的电子邮件方法。

我的用户表中的唯一项目是 ID,USERNAME,PASSWORD,CREATED

我正在使用此代码片段让我了解php在后端运行的原因和方式。

在下面的代码中,我试图只是简单地更改用户的用户名和密码,但我试图通过删除检查是否已经采用用户名来修改此代码,因为我不想插入所以我把它改为更新。我有root priv,但是如何删除检查用户名并只更新密码?这是代码

<?php
// Include config file
require_once 'config.php'; 
// Define variables and initialize with empty values
$username = $password = $confirm_password = "";
$username_err = $password_err = $confirm_password_err = "";

// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){

// Validate username
if(empty(trim($_POST["username"]))){
    $username_err = "Please enter a username.";
} else{
    // Prepare a select statement
    $sql = "SELECT id FROM users WHERE username = ?";

    if($stmt = mysqli_prepare($link, $sql)){
        // Bind variables to the prepared statement as parameters
        mysqli_stmt_bind_param($stmt, "s", $param_username);

        // Set parameters
        $param_username = trim($_POST["username"]);

        // Attempt to execute the prepared statement
        if(mysqli_stmt_execute($stmt)){
            /* store result */
            mysqli_stmt_store_result($stmt);

            if(mysqli_stmt_num_rows($stmt) == 1){
                $username_err = "This username is already taken.";
            } else{
                $username = trim($_POST["username"]);
            }
        } else{
            echo "Oops! Something went wrong. Please try again later.";
        }
    }

    // Close statement
    mysqli_stmt_close($stmt);
}

// Validate password
if(empty(trim($_POST['password']))){
    $password_err = "Please enter a password.";     
} elseif(strlen(trim($_POST['password'])) < 6){
    $password_err = "Password must have atleast 6 characters.";
} else{
    $password = trim($_POST['password']);
}

// Validate confirm password
if(empty(trim($_POST["confirm_password"]))){
    $confirm_password_err = 'Please confirm password.';     
} else{
    $confirm_password = trim($_POST['confirm_password']);
    if($password != $confirm_password){
        $confirm_password_err = 'Password did not match.';
    }
}

// Check input errors before inserting in database
if(empty($username_err) && empty($password_err) && 
empty($confirm_password_err)){

    // Prepare an insert statement
    $sql = "UPDATE INTO users (username, password) VALUES (?, ?)";

    if($stmt = mysqli_prepare($link, $sql)){
        // Bind variables to the prepared statement as parameters
        mysqli_stmt_bind_param($stmt, "ss", $param_username, 
$param_password);

        // Set parameters
        $param_username = $username;
        $param_password = password_hash($password, PASSWORD_DEFAULT); // 
Creates a password hash

        // Attempt to execute the prepared statement
        if(mysqli_stmt_execute($stmt)){
            // Redirect to login page
            header("location: adminlogin.php");
        } else{
            echo "Something went wrong. Please try again later.";
        }
    }

    // Close statement
    mysqli_stmt_close($stmt);
}

// Close connection
mysqli_close($link);
}
?>

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Change User password</title>
<link rel="stylesheet" 
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css">
<style type="text/css">
    body{ font: 14px sans-serif; }
    .wrapper{ width: 350px; padding: 20px; }
</style>
</head>
<body>
<div class="wrapper">
    <h2>Change User password</h2>
    <p>Please fill this form to change user password.</p>
    <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" 
method="post">
        <div class="form-group <?php echo (!empty($username_err)) ? 'has-
error' : ''; ?>">
            <label>Username</label>
            <input type="text" name="username"class="form-control" value="<?
php echo $username; ?>">
            <span class="help-block"><?php echo $username_err; ?></span>
        </div>    
        <div class="form-group <?php echo (!empty($password_err)) ? 'has-
error' : ''; ?>">
            <label>Password</label>
            <input type="password" name="password" class="form-control" 
value="<?php echo $password; ?>">
            <span class="help-block"><?php echo $password_err; ?></span>
        </div>
        <div class="form-group <?php echo (!empty($confirm_password_err)) ? 
'has-error' : ''; ?>">
            <label>Confirm Password</label>
            <input type="password" name="confirm_password" class="form-
control" value="<?php echo $confirm_password; ?>">
            <span class="help-block"><?php echo $confirm_password_err; ?>
</span>
        </div>
        <div class="form-group">
            <input type="submit" class="btn btn-primary" value="Submit">
            <input type="reset" class="btn btn-default" value="Reset">
        </div>

    </form>
</div>    
</body>
</html>

1 个答案:

答案 0 :(得分:1)

现在看到您在评论中发布的tutorial link,您没有按照“来到T”。

他们有:

$sql = "UPDATE employees SET name=?, address=?, salary=? WHERE id=?";

你有:

$sql = "UPDATE INTO users (username, password) VALUES (?, ?)";

并且不是UPDATE的有效语法。

应该是这样的:

$sql = "UPDATE users SET username =?, password=? WHERE id =?";

然后在绑定中传递额外参数。

再次访问该教程并完全按照显示关注

相关问题
最新问题