0

我在 php 中编写了一个脚本来重置用户的密码,如何检查表中的密码是否已更新?

例如,如果元组/列中的数据已更改,则发送电子邮件。请检查脚本中的注释。

 $dbcc = mysqli_connect(HOST,NAME,PASSWORD,DATABASE) or die('Error can not connect to database');

 $query = "SELECT uid,email FROM `corporate` WHERE (email='$chk_email')";
 $result = mysqli_query($dbc, $query);
            
 //found
 if(@mysqli_num_rows($result) == 1)
 {
                    $ROW = mysqli_fetch_array($result);
                    $sent_email = $ROW['email']; //get email
                    $id = $ROW['uid'];           //get uid
                    
                    $new_password = generatePassword(8);//generates 8 char long random password 
                    $enc_password = md5($new_password); //encrypt
                    
                    $statement = "UPDATE corpoorate SET password=".$enc_password." WHERE uid ='$id'";
                    $go = mysqli_query($dbcc,$statement) or die(mysqli_error());
                    mysqli_close($dbcc);
                    
                       /*
                        * HOW DO I CHECK IF PASSWORD IS UPDATED IN THE DATABASE?
                        * IF IT IS, SEND EMAIL
                                                    * IF $go==true does not work!
                        **/
                    if($go==true){
                    $sendmessage = "We have generated a new password token for you.\n Your password is reset to ".$new_password." \n Please note that this password is not secure. Once you login, please reset your password.\n ";
                    
                     mail($sent_email,'Password Reset',$sendmessage,'From: address@gmail.com');     
                                                                                    }                   
                    
                     header("Location : http://limozoor.com/login/signin.php");
                     exit();    
        }//if
        mysqli_close($dbcc);
4

2 回答 2

0

你为什么不使用mysqli_affected_rows

 // remove: $go = mysqli_query($dbcc,$statement) or die(mysqli_error());
 $qry =@ mysqli_query($dbcc, $statement);
 $aff =@ mysqli_affected_rows($dbcc);
 if ($qry === true && $aff > 0) {
      mail(...);
 }

从手册;

mysqli_查询

失败时返回 FALSE。对于成功的 SELECT、SHOW、DESCRIBE 或 EXPLAIN 查询,mysqli_query() 将返回一个 mysqli_result 对象。对于其他成功的查询,mysqli_query() 将返回 TRUE。

mysqli_affected_rows

大于零的整数表示受影响或检索的行数。零表示没有为 UPDATE 语句更新的记录、没有与查询中的 WHERE 子句匹配的行或尚未执行查询。-1 表示查询返回错误。

http://php.net/manual/en/mysqli.affected-rows.php
http://php.net/manual/en/mysqli.query.php

于 2013-01-30T21:53:54.010 回答
-1

由于您的or die(mysqli_error());-condition,如果密码到达那些执行行,将始终在表中更新密码。

但是,我对您持怀疑态度,if(@mysqli_num_rows($resultt) == 1)因为如果您的第一个 SQL 查询中有任何错误,您将在那里(通过使用@)抑制所有错误消息,这让我认为您甚至从未尝试执行 UPDATE 语句。

于 2013-01-30T21:13:01.123 回答