我无法让它正常工作我正在尝试清理我的 php 文件并创建一个更改用户密码的函数。function setPass
如果我将函数文件中的复制代码保留在文件中,它工作正常Login_success.php
。当我将工作代码复制到functions.php
具有函数名称的文件中时,setPass
它不起作用我也没有收到错误消息。我意识到不使用 PDO 准备好的语句是不安全的,但一旦我开始工作,我会改变它。这是我的 login_success 文件和函数文件的代码:
函数.php
<?php
require 'DB.php';
function setPass(){
foreach($conn->query("SELECT password FROM CLL_users WHERE user_name= '$userCurrent'") as $password1) {
$old_pass = ($password1['password']);
}
$new_pass = md5($_POST['new_pass']);
if (md5($_POST['old_password']) == ($old_pass) && ($_POST['new_pass']) == ($_POST['verify_pass'])) {
$sql="UPDATE CLL_users SET password= '$new_pass' WHERE user_name= '$userCurrent'";
$result=mysql_query($sql);
echo "Match";
} else {
echo "Not a Match";
}
}
?>
login_success.php
<?php
require 'functions.php';
require 'DB.php';
session_start();
session_is_registered(myusername);
$userCurrent = $_SESSION['myusername'];
$host="localhost"; // Host name
$username="user"; // Mysql username
$password="XXXXXX"; // Mysql password
$db_name="db"; // Database name
$tbl_name="CLL_users"; // Table name
date_default_timezone_set('America/Chicago');
$dateCreated = date('m/d/Y h:i:s a', time());
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$sql="UPDATE CLL_users SET last_login= '$dateCreated' WHERE user_name= '$userCurrent'";
$result=mysql_query($sql);
if(!session_is_registered(myusername)){
header("location:main_login.php");
}
?>
<!DOCTYPE html>
<html>
<head>
<title>user</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<LINK href="CLL.css" rel="stylesheet" type="text/css">
</head>
<body>
<form id ="css" action="" method="post">
<div class="row">
<label class ="formLabel" for="old_password">Old password:</label>
<input type="password" name="old_password" id="old_password" />
<br> <label class ="formLabel" for="new_pass">New Password:</label>
<input type="password" name="new_pass" id="new_pass" />
<br> <label class ="formLabel" for="verify_pass">Verify new password:</label>
<input type="password" name="verify_pass" id="verify_pass" />
</div>
<input type="submit" />
</form>
<?php
$_POST['old_password'] = $old_pass;
$_POST['new_pass'] = $new_pass;
$_POST['verify_pass'] = $verify_pass;
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
setPass($userCurrent, $old_pass, $new_pass, $verify_pass);
}
?>
</body>
</html>