-4

我有这段代码,我试图将 $current 与 $password 进行比较,后者是数组,甚至认为两者具有相同的值并且不起作用。

$current_password = mysqli_query($db_connection,"SELECT password FROM
                                     user WHERE username  = 'sanket' ");
$row = mysqli_fetch_array($current_password);
foreach($row as $pass)
{
    $password = $pass[0];
}
$current = $_POST['old_password'];
if ($current == $password) {

    if ($_POST['new_password'] == $_POST['confirm_password']) {

    mysqli_query($db_connection,"UPDATE user SET password
    = ".$_POST['confirm_password']."   WHERE username  = 'sanket'") ;

}
4

1 回答 1

2 
$row = mysqli_fetch_array($current_password);
foreach($row as $pass)
{
    $password = $pass[0];
}

$row已经是一个带字符串的一维数组。当您 foreach 结束时$row$pass将是一个字符串。因此,当您随后分配$pass[0]给 时$password,您将字符串的第一个字符分配$pass$password。所以只要写:

$row = mysqli_fetch_array($current_password);
$password = $row[0];

这里有必要的警告:使用正确的转义mysqli_preparemysqli_real_escape_string用户输入!

于 2013-07-22T07:53:00.300 回答