0

愿你们平安,我正在开发一个“忘记用户名”系统,我的代码如下所示:-

第一种形式:-

`<form action="security.php" method="post">
  Please Enter your email address:<br>
 <input type="text" name="email" value="<?php $_POST['email']?>">
 <input type="submit" value="submit"> 
 </form>`

php代码:

`<?php
$mode_allowed = array('username','password');
if(isset($_GET['mode']) === true && in_array($_GET['mode'],$mode_allowed) === true){
  if(isset($_POST['email']) === true && empty($_POST['email']) === false){
     if(email_exists($_POST['email']) === true){
    header('location:security.php');
    }else{
         echo "Sorry, we can't find this email";
        }
    }
    }else{
        header('location:index.php');
    }
?>`

现在另一个页面:

   <form action="security.php" method="POST">
<p> Answer this question <p>
<select type="text" selected="selected" name="security_question" value="<?php $security_question?>">
<option name="security_question" value="<?php $security_question =mysql_query("SELECT `security_question` FROM `users` WHERE `email`='".mysql_real_escape_string($_POST['email'])."' ");
                            $array = mysql_fetch_array($security_question);
                            echo $array[0];
                            ?>">
        <?php $security_question =mysql_query("SELECT `security_question` FROM `users` WHERE `email`='".mysql_real_escape_string($_POST['email'])."' ");
                            $array = mysql_fetch_array($security_question);
                            echo $array[0];
                            ?>                  
     </option> </select> <br>
<input type="text" name="answer"/> <br>
<input type="submit" value="recover"/>
</form>

及其PHP:

<?php
include "session.php";
include "database/db.php";
if(isset($_POST['answer'])){
$answer = $_POST['answer'];
    if(!empty($answer)){
        $sql = mysql_query("SELECT `username` FROM `users` WHERE `email`='".mysql_real_escape_string($_POST['email'])."' AND `answer`='".mysql_real_escape_string($answer)."'");
                if(mysql_num_rows($sql) == 1){
                echo"hello";                
            }else {
                echo "no";
            }

        }else{
            echo "<script type='text/javascript'>alert('you must answer this question');</script>";
        }
    }
?>

我还为电子邮件添加了一个隐藏字段:-

<input type="hidden" name="email" value="<?php echo $_POST['email'];?>">

现在,只有当我从 SQL 语句中删除“电子邮件”部分时,代码才能完美运行!这里有什么错误?!

4

2 回答 2

0

您没有给出<input>aname属性,因此它不会与表单一起提交。

<input type="hidden" name="email" value="<?php echo $_POST['email'];?>"></input>
                    ^ ^^^^^^^^^^^---missing                             ^^^^^^^^--illegal html

你的 HTML 从根本上被破坏了......

于 2013-10-01T20:46:00.193 回答
0

尝试在其中回显电子邮件isset

echo $email=mysql_real_escape_string($_POST['email']);

如果这里 $email 不为空,则简单地使用它

$sql = mysql_query("SELECT `username` FROM `users` WHERE `email`='$email' AND `answer`='".mysql_real_escape_string($answer)."'");

这可能有助于解决....

于 2013-10-01T21:01:38.500 回答