0

我制作了一个脚本,它应该使用户能够更改他们的密码。但我得到错误确认密码和新密码不匹配..这是代码

<?
session_start();   
include 'db.php';

 if($_POST['username']!="") {
  $username = $_POST['username'];  
}
else die("No Username was passed");
if($_POST['password']!="") {
  $password = $_POST['password'];
}
else die("No Password was passed");
if($_POST['newpassword']!="") {
  $newpassword = $_POST['newpassword'];
}
else die("No NewPassword was passed");
if($_POST['confirmnewpassword']!="") {
  $newpassword = $_POST['confirmnewpassword'];
}
else die("No Confirm Password was passed");

$username = $_POST['username'];  
$password = $_POST['password'];
$newpassword = $_POST['newpassword'];
$confirmnewpassword = $_POST['confirmnewpassword'];

$result = mysql_query("SELECT password FROM users WHERE username='$username'");

    if(!$result){
        echo "The username entered does not exist!";
    }
    else
        if($password != mysql_result($result, 0)){
            echo "Entered an incorrect password";
            }

    if($newpassword == $confirmnewpassword){
        $sql = mysql_query("UPDATE users SET password = '$newpassword' WHERE username = '$username'");      
    }

    if(!$sql){
        echo "Congratulations, password successfully changed!";
    }
    else{
        echo "New password and confirm password must be the same!";
    }

  ?>

这是表格代码

<form action="lostpw.php" method="post" name="" id="">
                                            <table width="50%" border="0" align="center" cellpadding="4" cellspacing="0">
                                                <tr> 
                                                  <td width="22%">Username</td>
                                                  <td width="78%"><input name="username" type="text" id="username" value="<? echo "". $_SESSION['username'] ."" ?>"></td>
                                                </tr>
                                                <tr> 
                                                  <td width="22%">Old password</td>
                                                  <td width="78%"><input name="password" type="text" id="password"></td>
                                                </tr>
                                                  <td>New Password</td>
                                                  <td><input name="newpassword" type="newpassword" value=""></td>
                                                </tr>
                                                <tr> 
                                                </tr>
                                                  <td>Confirm </td>
                                                  <td><input name="confirmnewpassword" type="confirmnewpassword" value=""></td>
                                                </tr>
                                                <tr> 
                                                  <td>&nbsp;</td>
                                                  <td><input type="submit" name="Submit" value="update"></td>
                                                </tr>
                                                <tr> 
                                                  <td><a href="home.php">Back</a></td>
                                                </tr>
                                            </table>
</form>

我在哪里做错了。

4

2 回答 2

1

在任何不良行为的情况下,您都不会停止。您不会在以下情况下停止脚本的执行:

if(!$result){
        echo "The username entered does not exist!";
    } else if($password != mysql_result($result, 0)){
        echo "Entered an incorrect password";
}

所以:

if($newpassword == $confirmnewpassword){
    $sql = mysql_query("UPDATE users SET password = '$newpassword' WHERE username = '$username'");      
}

将始终被评估。

if(!$sql){
    echo "Congratulations, password successfully changed!";
} else {
    echo "New password and confirm password must be the same!";
}

表示:当查询失败时($sql = false, !$sql = true)打印成功消息,否则打印失败消息。我不认为那是你想要的。您可能想要反转这两个块。

于 2013-03-18T03:15:42.487 回答
0

你不应该有那个感叹号,它是一个逆变器。这就是说'如果查询 DIDN'T WORK,说祝贺,否则如果它 DID 工作,给出错误消息。以下:

if(!$sql){
    echo "Congratulations, password successfully changed!";
}
else{
    echo "New password and confirm password must be the same!";
}

应该:

if($sql){
    echo "Congratulations, password successfully changed!";
}
else{
    echo "New password and confirm password must be the same!";
}
于 2013-03-18T03:16:29.430 回答