1

新来的,所以请放轻松。我有这个简单的 php 页面,当你使用它时,你输入你的用户名和密码。问题是我似乎无法重置它。基本背景是,数据库称为 My_Details,表称为 My_DetailsData。这是表单本身:

<form action="reset.php" method="post">
<p align="center">Type in below, your Username, Password and New Password to reset your       login id.</p>
<table id="form_pword_reset">
<tr><td>Username</td><td>: <input type="text" name="USERNAME" /></td></tr>
<tr><td>Password</td><td>: <input type="password" name="PASSWORD_HASH" /></td></tr>
<tr><td>New Password</td><td>: <input type="password" name="PASSWORD_RESET" /></td></tr>
<tr><td></td><td> <input type="submit" value="Reset Password" /></td></tr>
</table>
</form>

它链接到页面上一个名为reset.php的php页面,一切正常,除了当我在html页面上更改密码时,数据库表根本不受影响......

$db_select=mysql_select_db("My_Details",$conn) or die(mysql_error());

//Retrieving data from html form
$username = $_POST['USERNAME'];

$password = $_POST['PASSWORD_HASH'];

$password_reset = $_POST['PASSWORD_RESET'];

//for mysql injection (security reasons)

$username = mysql_real_escape_string($username);

$password = mysql_real_escape_string($password);

$password_reset = mysql_real_escape_string($password_reset);

$login = mysql_query("select*from My_DetailsData where USERNAME='$username' and  PASSWORD_HASH='$password'");

if(mysql_num_rows($login)== 1){
mysql_query($conn, "UPDATE My_DetailsData SET PASSWORD_HASH=$password_reset WHERE       USERNAME='$username' AND PASSWORD_HASH='$password'");

echo "Password Changed Successfully";


}
else{
echo "Incorrect Username or Password!";
}
mysql_close($conn);
4

6 回答 6

0

您似乎错过了 SET column='{value}' 的引号 

 <?php
$conn = mysql_connect('localhost','root','');
$db_select=mysql_select_db("My_Details",$conn) or die(mysql_error());

//Retrieving data from html form
$username = $_POST['USERNAME'];

$password = $_POST['PASSWORD_HASH'];

$password_reset = $_POST['PASSWORD_RESET'];

//for mysql injection (security reasons)

$username = mysql_real_escape_string($username);

$password = mysql_real_escape_string($password);

$password_reset = mysql_real_escape_string($password_reset);

$login = mysql_query("select * from My_DetailsData where USERNAME='$username' and  PASSWORD_HASH='$password'");

if(mysql_num_rows($login)== 1){
mysql_query($conn, "UPDATE My_DetailsData SET PASSWORD_HASH=$password_reset WHERE       USERNAME='$username' AND PASSWORD_HASH='$password'");
echo "UPDATE My_DetailsData SET 'PASSWORD_HASH`='$password_reset' WHERE       USERNAME='$username' AND PASSWORD_HASH='$password'";
echo "Password Changed Successfully";


}
else{
echo "Incorrect Username or Password!";
}
mysql_close($conn);
于 2013-10-07T09:20:21.773 回答
0

if(mysql_num_rows($login)== 1){ mysql_query($conn, "UPDATE My_DetailsData SET PASSWORD_HASH='$password_reset' WHERE USERNAME='$username' AND PASSWORD_HASH='$password'");

于 2013-10-07T09:10:31.670 回答
0 
<input type="submit" name="reset" value="Reset Password" />
<?php
if(isset($_POST['reset']))
{
$username = $_POST['USERNAME'];

$password = $_POST['PASSWORD_HASH'];

$password_reset = $_POST['PASSWORD_RESET'];
}
?>
Your Update code to

"UPDATE My_DetailsData SET PASSWORD_HASH='".$password_reset."' WHERE USERNAME='".$username."' AND PASSWORD_HASH='".$password."'");
于 2013-10-07T09:10:31.680 回答
0 
$password_reset = md5($$password_reset);
    $update = mysql_query("UPDATE My_DetailsData SET password_hash ='$password_reset ' WHERE username = '$username' ");
于 2013-10-07T09:10:35.563 回答
0

请添加空格:

从:

$login = mysql_query("select*from My_DetailsData where USERNAME='$username' and  PASSWORD_HASH='$password'");

至:

$login = mysql_query("select * from My_DetailsData where USERNAME='$username' and  PASSWORD_HASH='$password'");
于 2013-10-07T09:03:13.147 回答
-1

尝试这个:

UPDATE My_DetailsData SET PASSWORD_HASH='$password_reset' WHERE USERNAME='$username' AND PASSWORD_HASH='$password'
                                        ^missing quotes ^
于 2013-10-07T09:05:01.257 回答