0

您好,感谢您的宝贵时间。

不管我做了多少研究,我都找不到已经讨论过的解决这个问题的方法。

问题是提交按钮会自动重定向,似乎没有发布表单。它一直有效,直到我从 MySQL 函数转换为 MySQLi。除了网站的这一部分,其他一切都在工作。

HTML 表单(myaccount.inc.php):

<div id="change-password">

<form class="clearfix" action="" method="post">

        <div><span class="he1">Change Password</span></div>

        <div>
            <?php include_once 'controllers/accountController.php'; ?>
        </div>

        <div><label class="fieldlabel" for="password">Current Password:</label></div>
        <input type="password" name="password" id="password" size="23" /><br />

        <div><label class="fieldlabel" for="passwordnew1">New Password:</label></div>
        <input type="password" name="passwordnew1" id="passwordnew1" size="23" /><br />

        <div><label class="fieldlabel" for="passwordnew2">Confirm New Password:</label></div>
        <input type="password" name="passwordnew2" id="passwordnew2" size="23" /><br />

        <input type="submit" name="submit" value="Change Password" class="bt_changepass" />

</form>

</div>

然后,由于缺乏更好的术语,这种形式由一些​​ PHP 控制。

PHP (accountController.php):

// Checking whether the Password Change form has been submitted.
if(isset($_POST['submit'])=='Change Password')
{
echo "<br />";

// Get the data from the database.
$sql = $mysqli->query("SELECT * FROM ss_members WHERE usr = '".$_SESSION['usr']."' AND pass = '".md5($_POST['password'])."'");
$row = $sql->fetch_assoc();

// Will hold our errors
$err = array();

if($_POST['password'] == "" || $_POST['passwordnew1'] == "" || $_POST['passwordnew2'] == "")
{
    $err[] = 'All the fields must be filled in!';
}

if(!$row['pass'] == md5($_POST['password']) && $_POST['passwordnew1'] != "" && $_POST['passwordnew2'] != "")
{
    $err[] = 'Current password is not correct!';
}

if($_POST['passwordnew1'] <> $_POST['passwordnew2'])
{
    $err[] = 'New passwords do not match!';
}

if(!count($err))
{
    if($row['usr'])
    {
        // If everything is OK change password.
        $stmt = $mysqli->prepare("UPDATE ss_members SET pass = md5(?) WHERE usr = {$_SESSION['usr']}");
        $stmt->bind_param('s', $_POST['passwordnew1']);
        $stmt->execute();
        $stmt->close();

        echo "Password has been sucessfully updated!<br />";
    }
    else
    {
        $err[]='Something broke!';
    }
}

if($err)
{
    // Save the error messages in the session.
    foreach($err as $error)
    {
        echo $error . "<br />";
    }   
}

echo "<br />";
}
4

5 回答 5

4

您的标签中没有action设置,<form>它将数据发送到同一个文件。即,myaccount.inc.php

将其更改为:

<form class="clearfix" action="accountController.php" method="post">
于 2013-03-01T05:57:29.873 回答
1

试试这个 :

给表单动作accountController.php

<form class="clearfix" action="accountController.php" method="post">

于 2013-03-01T05:57:47.190 回答
1

问题是你包括

<?php include_once 'controllers/accountController.php'; ?>

标头发送后。

您可以移动

<?php include_once 'controllers/accountController.php'; ?>

到页面顶部,在处理程序部分内,或者您可以将表单提交到

controllers/accountController.php

使用

<form class="clearfix" action="controllers/accountController.php" method="post">

于 2013-03-01T06:02:19.243 回答
1

将您更改action为此,因为accountController.php存在于 controllers文件夹中。

<form class="clearfix" action="controllers/accountController.php" method="post">
于 2013-03-01T06:02:44.860 回答
1

mysqli 是一个类,它的函数查询不是静态的,所以你必须先声明一个 mysqli 类的实例,然后才能使用$mysqli->query.

你应该把

$mysqli = new mysqli('localhost', 'my_user', 'my_password', 'my_db');

$sql = $mysqli->query("SELECT * FROM ss_members WHERE usr = '".$_SESSION['usr']."' AND pass = '".md5($_POST['password'])."'");
于 2013-03-01T06:33:49.870 回答