在PHP和Jquery中使用md5更改密码

时间:2019-03-25 05:58:00

标签: php jquery md5

当我尝试更新/更改密码时,它说我当前的密码错误

我使用md5加密密码,但是我不知道如何使用jQuery和Ajax更新加密的密码。

这是我正在使用的jQuery代码:

jQuery("#change_password").submit(function (e) {
            e.preventDefault();

            var password = jQuery('#password').val();
            var current_password = jQuery('#current_password').val();
            var new_password = jQuery('#new_password').val();
            var retype_password = jQuery('#retype_password').val();
            if (password != current_password) {
                $.jGrowl("Password does not match with your current password  ", {
                    header: 'Change Password Failed'
                });
            } else if (new_password != retype_password) {
                $.jGrowl("Password does not match with your new password  ", {
                    header: 'Change Password Failed'
                });
            } else if ((password == current_password) && (new_password == retype_password)) {
                var formData = jQuery(this).serialize();
                $.ajax({
                    type: "POST",
                    url: "update_password_mahasiswa.php",
                    data: formData,
                    success: function (html) {

                        $.jGrowl("Your password is successfully change", {
                            header: 'Change Password Success'
                        });
                        var delay = 2000;
                        setTimeout(function () {
                            window.location = 'dashboard_mahasiswa.php'
                        }, delay);
                    }
                });

用于更新密码的php代码:

<?php
  include('dbcon.php');
  include('session.php');
  $new_password  = $_POST['new_password'];
  $new_password  = md5($new_password)
  mysql_query("update mahasiswa set password = '$new_password' where mahasiswa_id = '$session_id'")or die(mysql_error());
?>

2 个答案:

答案 0 :(得分:1)

在对密码进行哈希处理时,请尝试使用以下功能:

password_hash()
password_verify()
password_needs_rehash()
password_get_info()

如果您想以标准方式进行操作,这些功能非常方便。 Here是有关此的文章。

根据新密码的更新,它与任何标准更新查询相同。

  

UPDATE table_name SET column1 = value,column2 = value2,...在哪里   some_column = some_value

Here是更多信息。

答案 1 :(得分:0)

我建议您将mysqli_query()prepared语句一起使用。为了避免SQL injection,您必须使用prepared statements

$mysqli = new mysqli("example.com", "user", "password", "database");
if ($mysqli->connect_errno) {
    echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}

/* Prepared statement, stage 1: prepare */
$stmt = $mysqli->prepare("update mahasiswa set password = ? where mahasiswa_id = ?");
$new_password = password_hash($_POST['new_password']);
$stmt->bind_param("si", $new_password, $session_id);
$stmt->execute();
if($stmt->affected_rows === 0) exit('No rows updated');
$stmt->close();

使用mysqli_query()代替mysql_query()的简单示例。

 //$con must contain your database connection
 //eg:  $con = mysqli_connect("localhost","my_user","my_password","my_db");
 $new_password = password_hash($_POST['new_password']);
 $my_query = 'update mahasiswa set password = '.$new_password.' where mahasiswa_id = '.$session_id;
 if(mysqli_query($con,$my_query)){
     //database updated succesfully
 } else {
     //failure
 }

如果您正在使用mysql_query(),那么

 // if your db connection is valid then
 if(mysql_query($my_query)){
     //database updated succesfully
 } else {
     //failure
 }
相关问题
最新问题