-1

好的,所以今天,我编辑了这段代码,它应该是为了让用户可以更改他们的电子邮件地址。在他们更改电子邮件地址后,它将向用户发送一封确认电子邮件。但是,相反,我被重定向到内部错误 500 页面。:\ 有什么帮助吗?我看不出代码有什么问题..

<?php

include("session.php");
//Create game account
$mysqli = new mysqli("localhost", "root", "password", "data");

if(mysqli_connect_errno()){
    echo("Sorry, the server is 'Under Maintainance'");
    exit();
}

$newemail = $mysqli->real_escape_string($_POST['email']);
$newemail = strtolower($newemail);
$password = $mysqli->real_escape_string($_POST['password']);
$hash     = sha1(strtolower($name) . $password);

if(!isset($name)){
    header("Location:index");
}else if($password == null || $password == "" || (strlen($password)) < 4 || strpos($password, '<') !== false || strpos($password, '>') !== false){
    header("Location:cemail?error=6");//Invalid password
}else if($newemail == null || $newemail == "" || (strlen($newemail) <= 6 || strpos($newemail, '<') !== false || strpos($newemail, '>') !== false) || strpos($newemail, '@') == false || strpos($newemail, ".com") == false){
    header("Location:cemail?error=7");//Invalid Email address
}else if($email == $newemail){
    header("Location:cemail?error=7");//Invalid Email address
}else{
    $result  = $mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name");
    $row_cnt = $result->num_rows;
    $result->free();

    if($row_cnt != 0){
        header("Location:cemail?error=3");//Email already taken
    }else{

        $result  = $mysqli->query("SELECT * FROM characters WHERE originemail='$newemail' && name!='$name'");
        $row_cnt = $result->num_rows;
        $result->free();

        if($row_cnt != 0){
            header("Location:cemail?error=3");//Email already taken
        }else{

            $result = $mysqli->query("SELECT * FROM characters WHERE name='$name'");

            /* fetch associative array */
            while($row = $result->fetch_assoc()){
                $pass        = $row['pass'];
                $originemail = $row['originemail'];
            }

            /* free result set */
            $result->free();

            if($hash != $pass){
                header("Location:cemail?error=6");//Invalid Password Match
            }else{
                $mysqli->query("UPDATE characters SET email='$newemail' WHERE name='$name'");

//Send Email to confirm 
                $to      = $newemail . ", " . $originemail;
                $subject = "Your email address has now been successfully changed!";
                $body    = "This is a notification regarding the recent change(s) made to your Legion Online account: " . $username . "
\n\n
Your email address has recently been modified through the Legion Online website. If you made this email address change, please disregard this notification. If you did not change your email address, please visit the account recovery page to ensure your account is secure.\n\nEmail addresses connected to this account: \n" . $originemail . "(primary)\n" . $newemail;
                $headers = "From: AccountSupport@ArchStudios.net" . "\r\n";
                if(mail($to, $subject, $body, $headers)){
                    header("Location:accountsettings");
                }else{
                    echo "Email request failed.";
                }
            }
        }
    }
}
$mysqli->close();
?>
4

2 回答 2

0

你只有一个变量 $name 的单引号:

$result=$mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name");

复制这个:

$result=$mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name'");
于 2013-07-30T19:44:19.933 回答
0

不要忘记关闭单引号/双引号。

代替

$mysqli = new mysqli("localhost", "root", "password", "data);
$result  = $mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name");

经过

$mysqli = new mysqli("localhost", "root", "password", "data");
$result  = $mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name'");
于 2013-07-30T19:47:12.413 回答