0
它是我的密碼更改頁面。POST空錯誤
我試圖newpass,oldpass,newpasstwo得到和改變。但是..所有職位給空。對不起英語不好,爲什麼我不能得到這個職位?
<form action="index.php?bolum=panel&secenek=sifredegistir" autocomplete="off" method="post">
<table>
<tr>
<td>Eski Şifreniz</td><td>:</td><td><input type="password" name="oldpass" id="oldpass"></td>
</tr>
<tr>
<td>Yeni Şifreniz</td><td>:</td><td><input type="password" name="newpass" id="newpass"></td>
</tr>
<tr>
<td>Yeni Şifreniz <i>(tekrar)</i></td><td>:</td><td><input type="password" id="newpasstwo" name="newpasstwo"></td>
</tr>
<tr>
<td></td><td></td><td><input class="px150" type="submit" value="Şifremi Değiştir"></td>
</table>
</form>
</div></div></div>
<?php
}
elseif ($_GET['secenek'] == "sifredegistir")
{
$accname = strip_tags($_SESSION['muyuser']);
$oldpass = $_POST['oldpass'];
$newpass = $_POST['newpass'];
$newpasstwo = $_POST['newpasstwo'];
$sifre = mysql_query("SELECT * FROM users WHERE username='$accname' AND user_password='$oldpass'");
$sifredogrula = mysql_num_rows($sifre);
if(empty($oldpass) || empty($newpasstwo) || empty($newpass))
{
echo '<div align="center"><b>Lütfen tüm alanları doldurun!</b></div>';
}
elseif ($sifredogrula < 1) {
echo $accname;
echo $oldpass;
echo newpass;
echo newpasstwo;
echo '<div align="center"><b>Bilgileriniz yanlış, lütfen dikkatli doldurun.</b></div>';
}
你可以看到使用'的print_r($ _ POST)值的密碼;'? – Popnoodles
請注意,您的腳本容易受到SQL注入的影響。至少,您必須在傳遞到查詢中的每個'$ _POST'值上調用'mysql_real_escape_string()'。這不是可選的。考慮切換到支持預備語句的API,如MySQLi或PDO。 –
檢查控制進入if語句... –