为什么即使输入了错误的密码,我的密码仍然会更改?

时间:2019-07-11 07:19:41

标签: php mysql

php代码在这里:

if(isset($_POST["btn"])) {
    $current = mysqli_real_escape_string($link, $_POST['current']);
    $new = mysqli_real_escape_string($link, $_POST['new']);

    $sql=mysqli_query($link,"SELECT password FROM admin where id=1");
    $num=mysqli_fetch_array($sql);

    if($num>0)
    {
        $con=mysqli_query($link,"update admin set password=' $new' where id=1");
        $_SESSION['msg1']="Password Changed Successfully!!";
    }

    else
    {
        $_SESSION['msg1']="Current Password not match!!";
    }
}

不在乎密码哈希,这只是示例,我只想知道为什么输入错误密码后密码仍会更改

用于输出密码的HTML代码已更改:

<p style="color: red;"><?php echo $_SESSION['msg1'];?><?php echo $_SESSION['msg1']="";?></p>

0 个答案:

没有答案