-2

I have some issues with the following PHP code:

require '../core/connection.php';
require '../includes/functions.php';
if (isset($_SESSION['user_id'])) {
    if (isset($_POST['current_user_password'])) {
        $current_user_password = md5($_POST['current_user_password']);
        if ($current_user_password != $_SESSION['user_password']) {
            header('Location:../edit_credentials.php?edit=password&error=current_password');
        } else {
            $new_password = $_POST['new_user_password'];
            $new_password2 = $_POST['new_user_password2'];
            if ($new_password == '' || ($new_password2 == '') {
                header('Location:../edit_credentials.php?edit=password&error=new_password_empty');
            }
            if ($new_password != $new_password2) {
                header('Location:../edit_credentials.php?edit=password&error=new_password_not_equal');
            } else {
                $new_password = md5($new_password);
                edit_user_password($user_id,$new_password);
            }
        }
    } else {
        echo 'current_user_password not set';
    }
} else {
    echo 'Session not set';
}

Here is the function as well:

function edit_user_password($user_id,$user_password){
    global $db;
    $user_password_data = $db->query('
        UPDATE `users`
        SET `user_password` = "'.$user_password.'" WHERE `user_id` = "'.$user_id.'";');
        $_SESSION['user_password'] = $user_password;
        $db->query($user_password_data);
        header("Location:../edit_credentials.php?saved=password");
}

Everything works besides this part:

if ($new_password == '' || ($new_password2 == '') {
                header('Location:../edit_credentials.php?edit=password&error=new_password_empty');
            }

When it comes to this part, where the passwords are empty, if i switch out the redirection with a die('test'), it works, but it wont work with the redirect. Any chance you guys know why this is not working?

Thanks in advance for all help.

4

1 回答 1

1

您应该exit;在每次header('Location:...');通话后添加一个。否则脚本将继续运行。

于 2013-10-17T21:49:56.897 回答