0

我不断收到错误消息,我必须在代码中正确输入两个新密码。那不是我想要的。如果密码字段已填写,则应检查密码是否匹配并符合要求。否则,它应该更新配置文件。但它没有这样做。IT 仍会检查密码字段。你能告诉我我的代码做错了什么吗?

    <?php
    if ($post == "yes") {


    $uppercase = preg_match('@[A-Z]@', $password);
    $lowercase = preg_match('@[a-z]@', $password);
    $number    = preg_match('@[0-9]@', $password);

    if (isset($password) && ($password != $password2 || !$uppercase || !$lowercase ||    !$number || strlen($password) < 8)) {
    echo "<table class=tablenews><tr><td>There is an error with your passwords. Either they do not match, or your new password does not contain 8 characters, a number, a lower and an upper case letter. Go back and retry again. </td></tr></table>";

    }

    else {
     $password = generateHash($password);

    $result = mysql_query("UPDATE users SET avatar='" . $avatar . "' WHERE id='". $_SESSION['user_id'] . "'") 
    or die(mysql_error());  
    $result = mysql_query("UPDATE users SET u_signature='" . $signature . "' WHERE id='".   $_SESSION['user_id'] . "'") 
     or die(mysql_error()); 
    $result = mysql_query("UPDATE users SET u_bio='" . $bio . "' WHERE id='".    $_SESSION['user_id'] . "'") 
    or die(mysql_error()); 
    $result = mysql_query("UPDATE users SET u_desc='" . $desc . "' WHERE id='". $_SESSION['user_id'] . "'") 
    or die(mysql_error()); 
    $result = mysql_query("UPDATE users SET u_intro='" . $intro . "' WHERE id='".     $_SESSION['user_id'] . "'") 
    or die(mysql_error()); 
        $result = mysql_query("UPDATE users SET password='" . $password . "' WHERE id='". $_SESSION['user_id'] . "'") 
or die(mysql_error()); 
printf('<script>window.location = "http://www.sw-bfs.com/index.php?siteid=profileedit"</script>');
}

    if (!isset($password)) {
$result = mysql_query("UPDATE users SET avatar='" . $avatar . "' WHERE id='". $_SESSION['user_id'] . "'") 
or die(mysql_error());  
$result = mysql_query("UPDATE users SET u_signature='" . $signature . "' WHERE id='". $_SESSION['user_id'] . "'") 
or die(mysql_error()); 
$result = mysql_query("UPDATE users SET u_bio='" . $bio . "' WHERE id='". $_SESSION['user_id'] . "'") 
or die(mysql_error()); 
$result = mysql_query("UPDATE users SET u_desc='" . $desc . "' WHERE id='". $_SESSION['user_id'] . "'") 
or die(mysql_error()); 
$result = mysql_query("UPDATE users SET u_intro='" . $intro . "' WHERE id='". $_SESSION['user_id'] . "'") 
or die(mysql_error()); 



    printf('<script>window.location = "http://www.sw-bfs.com/index.php?siteid=profileedit"</script>');

}


}

else {
?>

<table class="tablenews">
<tr><th>Edit your Profile</th></tr>

<?php
$userfinalid = $_SESSION['user_id'];
$prAvatar = get_user_data($userfinalid, avatar);
$prSignature = get_user_data($userfinalid, signature);
$prBio = get_user_data($userfinalid, bio);
$prDesc = get_user_data($userfinalid, desc);
$prIntro = get_user_data($userfinalid, intro);
?>

<br><tr><td>
<form method="post" action="<?php echo $thispage . "?siteid=profileedit"; ?>&proc=New&post=yes&<?php echo $pagevars; ?>">

<?php

echo '<label for="avatar" class=customlabelname>Avatar Link:</label><br><input type="text" class=customlabel name="avatar" value="' . $prAvatar .'"><br>';
echo '<label for="bio" class=customlabelname>User Bio:</label><br><textarea rows="10" cols="40" class=customlabel name="bio">' . $prBio .'</textarea><br>';
echo '<label for="desc" class=customlabelname>User Description:</label><br><textarea rows="10" cols="40" class=customlabel name="desc">' . $prDesc .'</textarea><br>';
echo '<label for="intro" class=customlabelname>User PM Intro:</label><br><textarea rows="10" cols="40" class=customlabel name="intro">' . $prIntro .'</textarea><br>';
echo '<label for="signature" class=customlabelname>User Signature:</label><br><textarea rows="10" cols="40" class=customlabel name="signature">' . $prSignature .'</textarea><br>';
echo '<label for="password" class=customlabelname>New Password(Leave Blank if it will be the same):</label><input type=password rows="10" cols="40" class=customlabel name="password"></textarea><br>';
echo '<label for="password2" class=customlabelname>ReType Password:</label><input type=password rows="10" cols="40" class=customlabel name="password2"></textarea><br>';
echo '<input type=submit value="submit" class=button2>';
?>

</td>
</tr>
</table>
<?php
}
    ?>
4

2 回答 2

0 
if (isset($_POST['password']) ...) {
    // ... display error
}

这意味着如果该password键确实存在于$_POST数组中,则显示错误。我认为您的意思是如果数组中不存在password密钥$_POST,则显示错误。!您应该通过在 if之前放置 a 来反转 if :

if (!isset(...) ...) {
于 2013-01-10T21:35:02.167 回答
0

这是否完成了您想要做的事情:

if(isset($password)) {
    if ($password != $password2 || !$uppercase || !$lowercase || !$number || strlen($password) < 8) {
        error_log('error');
    echo "<table class=tablenews><tr><td>There is an error with your passwords. Either they do not match, or your new password does not contain 8 characters, a number, a lower and an upper case letter. Go back and retry again. </td></tr></table>";

    } else {
        $password = generateHash($password);

        $result = mysql_query("UPDATE users SET avatar='" . $avatar . "' WHERE id='". $_SESSION['user_id'] . "'")
        or die(mysql_error());
        $result = mysql_query("UPDATE users SET u_signature='" . $signature . "' WHERE id='".   $_SESSION['user_id'] . "'")
         or die(mysql_error());
        $result = mysql_query("UPDATE users SET u_bio='" . $bio . "' WHERE id='".    $_SESSION['user_id'] . "'")
        or die(mysql_error());
        $result = mysql_query("UPDATE users SET u_desc='" . $desc . "' WHERE id='". $_SESSION['user_id'] . "'")
        or die(mysql_error());
        $result = mysql_query("UPDATE users SET u_intro='" . $intro . "' WHERE id='".     $_SESSION['user_id'] . "'")
        or die(mysql_error());
            $result = mysql_query("UPDATE users SET password='" . $password . "' WHERE id='". $_SESSION['user_id'] . "'")
        or die(mysql_error());
        printf('<script>window.location = "http://www.sw-bfs.com/index.php?siteid=profileedit"</script>');
    }
}

将其余代码保持不变,只需替换第一个 if/else。

您的代码格式可以使用一些清理,您应该真正压缩 mysql 查询。

于 2013-01-10T21:55:10.700 回答