1. 首页
  2. 问答
  3. Php中的密码更改,Php返回空白

Php中的密码更改,Php返回空白

2011-11-29 65 views
-1

我正在尝试为我尝试创建的网站创建密码更改页面。但是,当用户输入信息到表单时,它会将我发送到空白页面。换句话说,我的PHP代码甚至没有执行,我不知道为什么。我尝试了几种不同的方式,但我不完全确定发生了什么。这是我第一次做一个设置页面或网站,所以也许它是一个简单的错误,或者我正在做的全部错误。这是我的PHP代码。Php中的密码更改,Php返回空白

<!-- 
To change this template, choose Tools | Templates 
and open the template in the editor. 
--> 
<!DOCTYPE html> 
<html> 
    <head> 
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 
     <title></title> 
    </head> 
    <body> 
     <?php 
     $db_server = "server"; 
     $db_username = "name"; 
     $db_password = "pass"; 

     $con = mysql_connect($db_server, $db_username, $db_password); 
     if (!$con) { 
      die('Could not connect: ' . mysql_error()); 
     } 

     $database = "Account_Holder"; 

     $er = mysql_select_db($db_username); 
     if (!$er) { 
      print ("Error - Could not select the database"); 
      exit; 
     } 
     $username = $_P0ST['username']; 
     $cur_password = $_POST['cur_password']; 
     $password = $_POST['password']; 
     $password2 = $_POST['password2']; 

     // Check for an existing password. 
     if (isset($_POST['cur_password'])) 
      { 
      $pass = FALSE; 
      print('<p>You forgot to enter your existing password!</p>'); 
     } 
     else { 
      $pass = escape_data($_POST['cur_password']); 
     } 
     // Check for a password and match against the confirmed password. 
     if (empty($_POST['password'])) 
      { 
      $newpass = FALSE; 
      print('<p>You forgot to enter your new password!</p>'); 
      } 
     else 
      { 
      if ($_POST['password'] == $_POST['password2']) { 
       $newpass = escape_data($_POST['password']); 
      } 
      else 
       { 
       $newpass = FALSE; 
       $message .= '<p>Your new password did not match the confirmed new password!</p>'; 
       } 


     if ($pass && $newpass) { // If checking passes 
      $query = "SELECT * FROM Account_Holder WHERE password='$pass')"; 
      $result = mysql_query($query); 
      $num = mysql_num_rows($result); 
      if ($num == 1) { 
       $row = mysql_fetch_array($result); 

// Make the query. 
       $query = ("UPDATE Account_Holder SET password='$newpass' WHERE username=$username"); 
       $result = mysql_query($query); // Run the query. 
       if (mysql_affected_rows() == 1) { // If it ran OK. 

        echo '<p><b>Your password has been changed.</b></p>'; 
       } 

       else 
       { // If query failed. 

        print('<p>Your password was not changed.</p><p>' . mysql_error() . '</p>'); 
       } 
      } else 
       { 
       print('<p>Your username and password did not match any in the database.</p>'); 
       } 
     } 
      else 
       { 
       print('<p>Please try again.</p>'); 
      } 
      } 


     ?> 

    </body> 
</html> 











    <!-- 
I also did it this way and all the validations work and it says the password was updated but it does not change in the database. Is something wrong with my sql? 
    --> 

<!DOCTYPE html> 
<html> 
    <head> 
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 
     <title>Change Password Confrim</title> 
    </head> 
    <body> 
     <?php 
     $db_server = "server"; 
     $db_username = "name"; 
     $db_password = "pass"; 

     $con = mysql_connect($db_server, $db_username, $db_password);if (!$con) 
       { 
        die('Could not connect: ' . mysql_error()); 
       } 

       $database = "Account_Holder"; 

       $er = mysql_select_db($db_username); 
     if (!$er) 
     { 
     print ("Error - Could not select the database"); 
     exit; 
     }   


//include "include/session.php"; 
// check the login details of the user and stop execution if not logged in 
//require "check.php"; 
//////////Collect the form data //////////////////// 
$username =$_P0ST['username']; 
$todo=$_POST['todo']; 
$password=$_POST['password']; 
$password2=$_POST['password2']; 
///////////////////////// 

if(isset($todo) and $todo=="change-password"){ 
$password = mysql_real_escape_string($password); 
$password2 = mysql_real_escape_string($password2); 

//Setting flags for checking 
$status = "OK"; 
$msg=""; 

//Checking to see if password is at least 3 char max 8 
if (strlen($password) < 3 or strlen($password) > 8) 
{ 
    $msg=$msg."Password must be more than 3 char legth and maximum 8 char lenght<br/>"; 
    $status= "NOTOK"; 
}     

//Checking to see if both passwords match 
if ($password <> $password2) 
{ 
    $msg=$msg."Both passwords are not matching<br/>"; 
    $status= "NOTOK"; 
}     

if($status<>"OK") 
{ 
    echo "<font face='Verdana' size='2' color=red>$msg</font><br><center><input type='button' value='Retry' onClick='history.go(-1)'></center>"; 
} 
else 
{ // if all validations are passed. 
    if(mysql_query("UPDATE Account_Holder SET password='$password' WHERE username='$username'")) 
    { 
     echo "<font face='Verdana' size='2' ><center>Thanks <br> Your password changed successfully.</font></center>"; 
    } 
    else 
    { 
     echo "<font face='Verdana' size='2' color=red><center>Sorry <br> Failed to change password.</font></center>"; 
    } 
} 
} 
//require "bottom.php"; 

?> 
<center> 
<br><br><a href='Settings.html'>Settings Page</a></center> 

</body> 

</html>

来源

2011-11-29 Allie

+0

你可能想看看你的例如Apache日志,PHP可能会抱怨有错误 – daisy

+2

你在$ _POST ['username']中捕获0吗? –

+0

正如@MorganDelaney所指出的那样,应该有一个0'$ username = $ _P0ST ['username'];' –

回答

3

我希望我可以留下评论。但不是。 你有很多代码中的错误,如这一

$username = $_P0ST['username'];

即时猜测错误报告被关闭的页面上,这样你就不会看到语法错误,而你只是得到一个空白页。

打开错误。这可能工作。

error_reporting(E_ALL);

来源

2011-11-29 02:37:04

0

几点意见:

$er = mysql_select_db($db_username);

这是错误的变量。

$username = $_P0ST['username'];

零,而不是字母O.

 $query = "SELECT * FROM Account_Holder WHERE password='$pass')"; 


  $query = ("UPDATE Account_Holder SET password='$newpass' WHERE username=$username");

,你可以说 “SQL注入”?此外,缺少关于用户名值的引号。如上所述,您似乎有错误报告。要么是这样,要么你有输出缓冲的地方,还有另一个语法错误。

来源

2011-11-29 02:49:16

相关问题

 相关问题