卡在PHP查询上 [英] Stuck on PHP query

问题描述

我创建了一个页面，允许用户更改密码和电子邮件.所有这些都能正常工作，但是由于某些原因，当我只想更改电子邮件时，我还会得到字段当前密码不正确.

电子邮件本身在数据库中发生了变化，但是显示出来了，我显然已经验证了它的运行状况，但是我不确定如何解决这个问题，如果只有电子邮件已更改.

I've created a page that allows users to change their password and email. All of it works but for some reason when I just want to change my email I also get the field Current Password is incorrect.

The email itself changes in the database but this shows up, I've obviously validated that it shwos up but I am unsure of how to get around to write a new query that will ignore the previous queries if only the email is changed.

我的代码:

<title>Honda |</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href='http://fonts.googleapis.com/css?family=Julius+Sans+One' rel='stylesheet' type='text/css'>
<link href="../css/style.css" rel="stylesheet" type="text/css" media="all" />



<?php
session_start();



$username = $_SESSION['sess_user'];

    echo '<div class="search1"><h2>'.$username.'</h2><div class="search12"><h2><a href="index2.php">Home</a></h2></p></div></div>';


    if (isset($_SESSION['sess_user']))
    {
        //user is logged in

        if (isset($_POST['submit']))
        {
            //start changing password
            //check fields

            $oldpassword = md5($_POST['oldpassword']);
            $newpassword = md5($_POST['newpassword']);
            $email = $_POST['email'];


            $repeatnewpassword = md5($_POST['repeatnewpassword']);


            //check password against db
            include('../includes/config.php');

            $queryget = mysql_query("SELECT password FROM login WHERE username='$username'") or die ("change password failed");
            $row = mysql_fetch_assoc($queryget);
            $oldpassworddb = $row['password'];

            //check passwords
            if ($oldpassword==$oldpassworddb)
            {

                if (isset($_POST['repeatnewpassword']) AND isset($_POST['newpassword']) AND $_POST['newpassword'] != '') {
                    if ($newpassword==$repeatnewpassword)
                    {
                        $querychange = mysql_query("UPDATE login SET password='$newpassword' WHERE   username='$username'");
                        echo "<div class='successmate'><br><br><br><br><hr>Password has been changed!</hr></div><div class='successmate'><br><hr><br><h2><p><a href='index2.php'><br><br></a></p></h2></div>";
                    }
                    else {echo "<div class='results'>new password(s) dont match</div><div class='successmate'><br><br><h2><p><a href='changepassword.php'>try again?</a></p></h2></div>";}

                }


            }
            else {echo "<div class='results'>current password doesnt match</div><div class='successmate'><h2><p><a href='changepassword.php'><br><br>Try again?</a></p></h2></div>";}


            if (isset($_POST['email']) AND $_POST['email'] != '') {
                $querychange = mysql_query("UPDATE login SET email='$email' WHERE   username='$username'");
                echo "<div class='successmate'><br><br><br><br><hr>Your email has been changed</hr></div><div class='successmate'><br><hr><br><h2><p><a href='index2.php'><br><br></a></p></h2></div>";
            }}


        else
        {

            echo"
        <form class='search1' action='changepassword.php' method='POST'>
        <label>Current Password:</label> <input type='password' id='password' name='oldpassword'><p>
        <label>New Password:</label> <input type='password' id='password' name='newpassword'><p>
        <label>Repeat New Password:</label> <input type='password'  name='repeatnewpassword'><p>
        <label>Email:</label> <input type='email'  name='email'><p>
        <input type='submit' name='submit' class='submit' value='submit'><br><br><br>
        <h2><p><a href='index2.php'>Back</a></p></h2>
        </form>
        ";


        }}
    else
        die ("You must be logged in to change your password");


    ?>

<img src="../images/main.jpg">

推荐答案

您正在检查是否为密码设置了帖子值(密码将始终为该值，因为将始终提交该表单元素).确保不将这些值设置为空，而不是简单地检查这些值是否已设置.同样，在进行比较时，不要使用单词"AND"，而使用and运算符&&".

You're checking that the post values are set for the password (which they always will be, because that form element will always be submitted). Instead of simplychecking if those vaues are set, make sure thay're not empty. use empty() Also, when making comparisons don't use the word "AND" use the and operator "&&".

        if (!empty($_POST['repeatnewpassword']) && !empty($_POST['newpassword'])) {
            if ($newpassword==$repeatnewpassword)
            {
                $querychange = mysql_query("UPDATE login SET password='$newpassword' WHERE   username='$username'");
                echo "<div class='successmate'><br><br><br><br><hr>Password has been changed!</hr></div><div class='successmate'><br><hr><br><h2><p><a href='index2.php'><br><br></a></p></h2></div>";
            }
            else {echo "<div class='results'>new password(s) dont match</div><div class='successmate'><br><br><h2><p><a href='changepassword.php'>try again?</a></p></h2></div>";}

        }

我正在查看错误的代码块.上面的建议是很好的建议，但是您的问题在这里:

I'm looking at the wrong chunk of code. The above advice is good advice, but your problem is here:

如果密码字段为空，那么它们将永远不会相同，因此if ($oldpassword==$oldpassworddb)将始终为false.

If the password fields are empty then these will never be the same, so if ($oldpassword==$oldpassworddb) will always evaluate false.

尝试

if ($oldpassword==$oldpassworddb && !empty($_POST['oldpassword']))

这篇关于卡在PHP查询上的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！