我正在开发一个允许用户创建帐户的简单脚本。它没有什么特别之处,它要求的是用户名和密码。我遇到的唯一问题是创建一个允许用户更改密码的脚本。这是我的进步。
它说“您当前的密码不正确!”,即使密码没问题。我已经将它与同一页面上的另一个代码连接到数据库。
<?php
$CurrentPassword = mysql_real_escape_string(strip_tags(stripslashes($_POST['CurrentPassword'])));
$NewPassword = mysql_real_escape_string(strip_tags(stripslashes($_POST['NewPassword'])));
$ConfirmNewPassword = mysql_real_escape_string(strip_tags(stripslashes($_POST['ConfirmNewPassword'])));
$Submit2 = mysql_real_escape_string(strip_tags(stripslashes($_POST['Submit2'])));
?>
<?php
if ($Submit2) {
$_OLDHASH = hash('sha512',''.$CurrentPassword.'');
$_NEWHASH = hash('sha512',''.$NewPassword.'');
$_CONFIRMNEWHASH = hash('sha512',''.$ConfirmNewPassword.'');
if ($myU->Password == $_OLDHASH) {
if ($_NEWHASH == $_CONFIRMNEWHASH) {
mysql_query("UPDATE Password='".$_NEWHASH."' WHERE Username='".$User."'");
session_destroy();
header("Location: index.php");
}
else {
echo "Your new password and new confirm password does not match!";
}
}
else {
echo "Your current password is not right!";
}
}
?>
<form action='' method='POST'>
<br />
Update Password
<br />
<input placeholder='Current Password' type='password' name='CurrentPassword'>
<br />
<input placeholder='New Password' type='password' name='NewPassword'>
<br />
<input placeholder='Confirm New Password' type='password' name='ConfirmNewPassword'>
<br />
<input type='submit' value='Change' name='Submit2'><br />
</form>