我对 PHP/Jquery 很陌生,我正在尝试为我的网站做一个更新密码脚本。到目前为止,密码已更新,但我正在努力思考如何验证它以检查旧密码。
此外,如何在警报框中显示错误消息(如 java 警报窗口)。我问的原因是因为如果旧密码与数据库中存在的密码不匹配,我需要创建一个警告框。
对此的任何帮助将不胜感激。如果您需要任何其他代码,我会尽快发布。
// *Update Profile Password* //
$("#btn-profile-update2").bind('click', function(){
// Get info from text boxes
/* var profile_oldpassword = $('#txt-prof-oldp').val(); */
var profile_newpassword = $('#txt-prof-newp').val();
var profile_confirmpassword = $('#txt-prof-confp').val();
new_password = $('#txt-prof-newp').val();
old_password = $('#txt-prof-oldp').val();
if (profile_newpassword !== profile_confirmpassword) {
response = "Passwords entered do not match"
alert(response);
return;
}
// An array of field names to be updated
var arr_field_names = Array();
// Add the field name to index of array
arr_field_names[0] = "Password";
// An array of field values that correspond with our field names...
var arr_field_values = Array();
arr_field_values[0] = profile_newpassword;
// Send to updateProfDetails function
updatePassword(arr_field_names,arr_field_values,new_password,old_password);
});
});
发送到这个函数:
function updatePassword(arr_field_names,arr_field_values,new_password,old_password) {
// Ajax parameters...
$.ajax({
// Request sent from control panel, so send to cp.request.php (which is the handler)
url: 'scripts/php/bootstrp/cp.request.php',
type: 'GET',
data: {
ft: "password",
table: "tblusers",
oldpassword: old_password,
newpassword: new_password,
field_names: arr_field_names,
field_values: arr_field_values,
// Either pass a row id as the 'id' OR a where clause as the 'condition' never both
id: null,
condition: null
},
dataType: 'text',
timeout: 20000,
error: function(){
$('#cp-div-error').html('');
$('#cp-div-error').append('<p>There was an error updating the data, please try again later.</p>');
$('#cp-div-error').dialog('open');
},
success: function(response){
// Refresh page
// location.reload(true);
}
});
}
最后是 PHP 更新:
public function password($tableName)
{
$PDO = new SQL();
$dbh = $PDO->connect(Database::$serverIP, Database::$serverPort, Database::$dbName, Database::$user, Database::$pass);
$username = UserAccount::get_useremail();
$password = hash('sha256',trim($_GET['newpassword']));
$oldpassword = hash('sha256',trim($_GET['oldpassword']));
// Does the password given match the password held?
$this->sql = "UPDATE $tableName SET password = '$password' WHERE UserName = '$username'";
try {
// Query
$stmt = $dbh->prepare($this->sql);
$stmt->execute();
$count = $stmt->rowCount();
echo $count.' row(s) updated by SQL: '.$stmt->queryString;
$stmt->closeCursor();
}
catch (PDOException $pe) {
echo 'Error: ' .$pe->getMessage(). 'SQL: '.$stmt->queryString;
die();
}
// Close connection
$dbh = null;
}