大家好!我看到过很多有关更改密码的话题,但是我真的不明白它是如何工作的。我创建一个表名tbl_user,其中fieldname为id,username,email,user_type和password。我正在搜索用于更改密码的完整代码,但问题是它根本没有用。我已经包含了此代码$db = new mysqli("localhost", "root", "", "mydb")。什么都没发生。如何更改登录密码?关于我的问题有人可以帮我吗?我想创建一个离线网站。我只需要更改密码即可。
<script type="text/javascript">
function validatePassword() {
var defaultcurrentPass,changenewPass,RetypePassword,output = true;
defaultcurrentPass = document.frmChange.defaultcurrentPass;
changenewPass = document.frmChange.changenewPass;
RetypePassword = document.frmChange.RetypePassword;
if(!defaultcurrentPass.value) {
defaultcurrentPass.focus();
document.getElementById("defaultcurrentPass").innerHTML = "required";
output = false;
}
else if(!changenewPass.value) {
changenewPass.focus();
document.getElementById("changenewPass").innerHTML = "required";
output = false;
}
else if(!RetypePassword.value) {
RetypePassword.focus();
document.getElementById("RetypePassword").innerHTML = "required";
output = false;
}
if(changenewPass.value != RetypePassword.value) {
changenewPass.value="";
RetypePassword.value="";
changenewPass.focus();
document.getElementById("RetypePassword").innerHTML = "Both Password are not same";
output = false;
}
return output;
}
</script><!doctype html>
<html lang="en">
<head>
<style type="text/css">
.required {color: #FF0000; font-size:16px; font-weight:italic; padding-left:10px;}
.message {color: #FF0000; text-align: center; width: 100%;}
</style>
</head>
<body>
<form name="frmChange" action="" method="POST" onSubmit="return validatePassword()">
<div class="form-group">
<label>Current Password: <span id="defaultcurrentPass" class="required"></span></label>
<input type="password" name="defaultcurrentPass" class="form-control"/>
</div>
<div class="form-group">
<label>New Password: <span id="changenewPass" class="required"></span></label>
<input type="password" name="changenewPass" class="form-control"/>
</div>
<div class="form-group">
<label>Retype New Password: <span id="RetypePassword" class="required"></span></label>
<input type="password" name="RetypePassword" class="form-control"/>
</div>
<div>
<input type="hidden" value="<?php echo $cms_desc['ofid']; ?>"name="hofid"/>
<input type="submit" name="updatepass" class="btn btn-primary" value="Update Password"/>
</div>
</form>
</body>
</html>
<?php
$db = new mysqli("localhost", "root", "", "mydb");
$_SESSION["id"]=31;
if(isset($_POST['updatepass'])) {
$result =$db->query("SELECT *from tbl_user WHERE id='" . $_SESSION["id"] . "'");
$row=mysqli_fetch_array($result);
$pass_encrypt=md5(mysqli_real_escape_string($db,$_POST['defaultcurrentPass']));
if($pass_encrypt == $row["password"]) {
$passnew_encrypt=md5(mysqli_real_escape_string($db,$_POST['changenewPass']));
$str=$db->query("UPDATE tbl_user set password='" . $passnew_encrypt . "' WHERE id='" . $_SESSION["id"] . "'");
$message = "You have successfully changed your password.";
} else $message = "Current Password is not correct";
}
?>
答案 0 :(得分:-1)
<?php
$connection = mysqli_connect('localhost', 'root', '', 'mydb') or die('Connect to database'); // 1) connect to db
if(isset($_POST['oldPass']) && isset($_POST['newPass'])) {
if (!$user_id = $_SESSION['user_id']) return die('No User Session Found'); // 2) make sure you are logged in
$sql = "SELECT id, password FROM tbl_user WHERE id = $user_id";
$result = mysqli_query($connection, $sql) or die(mysqli_error($connection)); // 3) to check whether users exist or not
$row = mysqli_fetch_array($result, MYSQLI_BOTH);
if ($row['userPass'] == $_POST['oldPass']) { // 4) checks previous password
$sqlUpdateQuery = "UPDATE tbl_user SET password = " . $_POST['newPass'] . " WHERE id = $user_id";
$result = mysqli_query($connection, $sqlUpdateQuery) or die(mysqli_error($connection));
if ($result) {
echo "Updated!!";
}
}
}
?>
<form method="POST">
Old Pass:
<input type="password" name="oldPass"> <br>
New Pass:
<input type="password" name="newPass"> <br>
<input type="submit" value="update">
</form>
要调试,请使用mysqli_error函数。