更改密码 PHP MySQL
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/15510042/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Changing a password PHP MySQL
提问by stark
I am working on a section of code that changes a password in a database upon completion of the following form:
我正在编写一段代码,在完成以下表单后更改数据库中的密码:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Password Change</title>
</head>
<body>
<h1>Change Password</h1>
<form method="POST" action="password_change.php">
<table>
<tr>
<td>Enter your UserName</td>
<td><input type="username" size="10" name="username"></td>
</tr>
<tr>
<td>Enter your existing password:</td>
<td><input type="password" size="10" name="password"></td>
</tr>
<tr>
<td>Enter your new password:</td>
<td><input type="password" size="10" name="newpassword"></td>
</tr>
<tr>
<td>Re-enter your new password:</td>
<td><input type="password" size="10" name="confirmnewpassword"></td>
</tr>
</table>
<p><input type="submit" value="Update Password">
</form>
<p><a href="home.php">Home</a>
<p><a href="logout.php">Logout</a>
</body>
</html>
And the the PHP:
和 PHP:
<?php
session_start();
include 'dbconfig.php';
$username = $_POST['username'];
$password = $_POST['password'];
$newpassword = $_POST['newpassword'];
$confirmnewpassword = $_POST['confirmnewpassword'];
$result = mysql_query("SELECT password FROM user_info WHERE
user_id='$username'");
if(!$result)
{
echo "The username you entered does not exist";
}
else if($password!= mysql_result($result, 0))
{
echo "You entered an incorrect password";
}
if($newpassword=$confirmnewpassword)
$sql=mysql_query("UPDATE user_info SET password='$newpassword' where
user_id='$username'");
if($sql)
{
echo "Congratulations You have successfully changed your password";
}
else
{
echo "Passwords do not match";
}
?>
The problem I have at the moment is when I submit the submit button takes me to a read only page of this code.
我目前遇到的问题是,当我提交提交按钮时,会将我带到此代码的只读页面。
Any suggestions?
有什么建议?
回答by Birju Shah
On first looks I can figure out few major mistakes you made:
乍一看,我可以找出你犯的几个主要错误:
if you are comparing you should use
如果你在比较你应该使用
$newpassword == $confirmnewpassword
and not
并不是
$newpassword=$confirmnewpassword
secondly when you use if..elseif... loop format shold be
其次,当你使用 if..elseif... 循环格式应该是
if (condition)
{
//code to be executed if condition is true;
}
else if (condition)
{
// code to be executed if condition is true;
}
else
{
//code to be executed if condition is false;
}
You apparently miss the else part in one of your such loops. Please correct your syntax and try again...
您显然错过了其中一个循环中的 else 部分。请更正您的语法,然后重试...
回答by user3248390
u can 1st select a table and check a password is correct and if correct a update a password .else display a error message.hey this just update a password if old is password is match to update a password...., Cracker World
你可以首先选择一个表并检查密码是否正确,如果正确则更新密码。否则显示错误消息。嘿,如果旧密码匹配更新密码,这只是更新密码......, Cracker World
$old_password=$_POST['old_password'];
$new_password=$_POST['new_password'];
$con_password=$_POST['con_password'];
$chg_pwd=mysql_query("select * from users where id='1'");
$chg_pwd1=mysql_fetch_array($chg_pwd);
$data_pwd=$chg_pwd1['password'];
if($data_pwd==$old_password){
if($new_password==$con_password){
$update_pwd=mysql_query("update users set password='$new_password' where id='1'");
$change_pwd_error="Update Sucessfully !!!";
}
else{
$change_pwd_error="Your new and Retype Password is not match !!!";
}
}
else
{
$change_pwd_error="Your old password is wrong !!!";
}}
回答by Othman Boūlal
You made a mistake here
This include 'dbconfig.php';
你在这里犯了一个错误 这个 include 'dbconfig.php';
Should be like this include ('dbconfig.php');
应该是这样的 include ('dbconfig.php');
回答by Chintan Panchal
After seen your script, i found that you have not use '==' in your password comparison condition.
看了你的脚本后,我发现你的密码比较条件中没有使用'=='。
if($newpassword=$confirmnewpassword)
Which is wrong. You accepted the birju shah's answer above which is pointing out what i want to say.
这是错误的。您接受了上面 birju shah 的回答,它指出了我想说的内容。
Apart from this, i found that you did't use any encryption method, which is extremely wrong. Anyone can hack your password from the database.
除此之外,我发现你没有使用任何加密方法,这是非常错误的。任何人都可以从数据库中破解您的密码。
You should use Password_verify() and Password_hash()functions to encrypt and decrypt your password. These encryption and decryption are considered most safe now days. You should not use md5 encryption because now days anyone can decrypt md5 algorithm.
您应该使用 Password_verify() 和Password_hash()函数来加密和解密您的密码。这些加密和解密现在被认为是最安全的。您不应该使用 md5 加密,因为现在任何人都可以解密 md5 算法。
Here i have made one tutorial Change password code in PHP. I have covered all the above topics. I Hope that this tutorial will help you.
在这里,我制作了一个教程在 PHP 中更改密码代码。我已经涵盖了上述所有主题。我希望本教程对您有所帮助。
Cheers,
干杯,
