在php中:更改密码未在数据库中更新

时间:2018-10-23 06:52:16

标签: php html5

我有一个要更改密码的注册表格任务。没有错误,当我执行变量转储(var_dump)时,它正在改变。此外,它还在前端显示更改的密码,但未在数据库中更新。我已经尝试了很多更新数据库,但是我在做什么错呢?我认为查询问题。任何人都可以指出正确的方向来解决我的查询问题吗?预先感谢... 

<?php
require_once ( "./connect.php" );
if ( !empty ( $_POST ['submit'] ) ) {  
    $current_password = md5 ( $_POST [ 'current_password' ] );
    $new_password = md5 ( $_POST [ 'new_password' ] );
    $confirm_password = md5 ( $_POST [ 'confirm_password' ] );
    $sql = ( "SELECT `password` FROM `user` WHERE `username` = '$confirm_password' " ) or die ( "Query didn't work" );
    $result = $db->query($sql);
    $current_password = $result [ 'password' ];
    if ( $current_password == $current_password ) {
        if ( $new_password == $confirm_password ) {             
            $sql = ( "update `user` SET `password`='{$confirm_password}' WHERE user_id = $_COOKIE[id]" );
            echo 'success!'; 
        } else {
            echo 'New passwords doesn t match!';
        }
    }
} else {
    echo 'Current password doesn t match';
}
?>
<form action = "" method = "POST">
Current-Password: <input type = "password" name = "current_password" value = ""/><br><br>
New-Password: <input type = "password" name = "new_password" value = ""/><br><br>
Confirm-Password: <input type = "password" name = "confirm_password" value = ""/><br><br>
<input type="submit" name="submit" value="change password"/>
</form>

// connect.php file
<?php
$db = new mysqli("localhost", "root", "", "registration");
if($db->connect_error){
exit("cannot connect to database");
}
?>

2 个答案:

答案 0 :(得分:0)

Run $sql之后的查询

$sql = ( "update `user` SET `password`='{$confirm_password}' WHERE user_id = $_COOKIE[id]" );
$db->query($sql); //this is missing that why no data update

答案 1 :(得分:0)

嗨,请检查一下

<?php
require_once ( "./connect.php" );
if ( !empty ( $_POST ['submit'] ) ) {
    $current_password = md5 ( $_POST [ 'current_password' ] );
    $new_password = md5 ( $_POST [ 'new_password' ] );
    $confirm_password = md5 ( $_POST [ 'confirm_password' ] );
    $sql = ( "SELECT `password` FROM `user` WHERE `username` = 'shan' " ) or die ( "Query didn't work" );
    $result = $db->query($sql);

    if ($result->num_rows > 0) {
    // output data of each row
     while($row = $result->fetch_assoc()) {
        $current_password1 = $row["password"];
     }
    }
    if ( $current_password == $current_password1 ) {
        if ( $new_password == $confirm_password ) {
            $sql = ( "update `user` SET `password`='{$confirm_password}' WHERE user_id = 1" );
            $result = $db->query($sql);
            echo 'success!';
        } else {
            echo 'New passwords doesn t match!';
        }
    }
} else {
    echo 'Current password doesn t match';
}
?>
<form action = "" method = "POST">
Current-Password: <input type = "password" name = "current_password" value = ""/><br><br>
New-Password: <input type = "password" name = "new_password" value = ""/><br><br>
Confirm-Password: <input type = "password" name = "confirm_password" value = ""/><br><br>
<input type="submit" name="submit" value="change password"/>
</form>

您的代码中进行了一些更正:

  1. 更正用户名(当前使用密码作为用户名)。
  2. 使用while循环获取密码表单查询结果。
  3. 将输入的当前密码与db密码进行比较(两者都使用不同的变量)。
  4. 在使用前设置cookie,否则接受来自用户的用户ID(您正在使用$ _COOKIE ['user_id']。
  5. 在数据库上执行更新查询。
相关问题
最新问题