更新密碼與PHP/MySQL的

Question

昨天我已經發布了一些代碼，詢問用戶如何能夠通過表單更新密碼。看here

但是更新密碼後，我無法登錄雖然我的Android應用程序。所以我決定改變一下forgotpassword.php文件。

<?php 
session_start(); 
require "../init.php"; 
ini_set('display_errors', 1); 



if(isset($_POST['update'])){ 


    $email = $_POST['email']; 
    $user_name = $_POST['user_name']; 
    $password = $_POST['user_pass']; 
    $passwordEncrypted = sha1($user_pass); 

    $confpassword = $_POST['confirm_pass']; 
    $confPasswordEncrypted = sha1($confirmPass); 

    if($password !== $confpassword){ 
     echo "<script>alert('Passwords are not equal')</script>"; 
    }else{ 
     $select_query = "SELECT * FROM user_info"; 

     $run_select_query = mysqli_query($con,$select_query); 

     while ($row_post=mysqli_fetch_array($run_select_query)){ 

       $_SESSION['id'] = $row_post['id']; 
       $user_id = $_SESSION['id']; 
       $useremail = $row_post['email']; 
       $username = $row_post['user_name']; 

       var_dump($user_id); 

      if($useremail == $email AND $username == $user_name){ 
       //echo "<script>alert('$useremail')</script>"; 
       //echo "<script>alert('$username')</script>"; 
       echo "<script>alert('$id')</script>"; 
       $update_posts = "UPDATE user_info SET user_pass='$passwordEncrypted',confirm_pass ='$confPasswordEncrypted' 
       WHERE $id='$_userid'"; 

       $run_update = mysqli_query($con,$update_posts); 
       //var_dump($user_name); 
      echo "<script>alert('Password Has been Updated!')</script>"; 
      }else{ 
      echo "<script>alert('No email or username was found')</script>"; 
      } 

     } 

    } 

} 
?> 

但是現在密碼沒有像以前那樣更新。更新語句或之前的行中有錯誤。 $ _SESSION ['id']不爲空，所以select查詢工作正常。

任何想法？

謝謝。

Answer 1

錯字在where子句中。 WHERE $id='$_userid'";

變化更新查詢的WHERE子句這樣：WHERE $id='$user_id'";

Answer 2

更新您的選擇查詢：

$select_query = "SELECT * FROM user_info where email = '".$email."' and user_name = '".$username."' "; 

和then check if mysqli_num_rows().如果> 0，則只能執行更新查詢&把數據會話。

而且您的更新查詢不proper.It應該是：

$update_posts = "UPDATE user_info SET user_pass='$passwordEncrypted',confirm_pass ='$confPasswordEncrypted' 
       WHERE $id='$userid'"; 

Answer 3

你的更新查詢應該是這樣的：

$update_posts = "UPDATE user_info 
    SET 
      user_pass='$passwordEncrypted', 
      confirm_pass ='$confPasswordEncrypted' 
    WHERE id = $user_id"; 

Answer 4

確定。我已經更改了代碼並使其工作。所以這就是我所做的。

1）我運行一個選擇查詢，以檢查用戶是否已經被註冊。如果是，則更新密碼並在他的電子郵件中發送新密碼。

2）如果沒有，那麼你在我的Android應用程序說，用戶的電子郵件中找不到JSON響應。

3）最後，用戶可以用他的更新5位數密碼:)登錄。

<?php 
require "init.php"; 
$email = $_POST['email']; 



    if($email){ 
     $select_query = "SELECT * FROM user_info"; 

     $run_select_query = mysqli_query($con,$select_query); 

     while ($row_post=mysqli_fetch_array($run_select_query)){ 

      $id = $row['id']; 
      $usermail = $row_post['email']; 
      $username = $row_post['user_name']; 



     } 
      if($usermail == $email){ 
       $don = array('result' =>"success","message"=>"user mail found."); 

       $random = rand(72891, 92729); 
       $new_pass = $random; 

       $email_password = $new_pass; 
       $new_pass = sha1($new_pass); 

       $update_pass = "update user_info set user_pass='$new_pass',confirm_pass='$new_pass' where user_name='$username'"; 

       $run_update = mysqli_query($con,$update_pass); 


        $subject = "Login information"; 

        $message = "Your password has been changed to $email_password"; 

        $from = "From: example@example.com"; 

        mail($email,$subject,$message,$from); 

       $don = array('result' =>"success","message"=>"your password has been updated. Please check your email"); 



      }else{ 
       $don = array('result' =>"fail","message"=>"user mail not found."); 
      } 
     }else{ 
      $don = array('result' =>"fail","message"=>"please enter your email"); 
     } 

    echo json_encode($don); 
?>