在PHP中更改密碼腳本時出錯

Question

我創建了一個PHP腳本，該腳本允許我網站上的用戶在註冊後更改其密碼，但當我嘗試在網站上打開它時出現錯誤。我相信這是由於我的語法錯誤，但我似乎無法發現它。有人可以看一看，看看你能找到什麼嗎？下面是該腳本：

<?php 

session_start(); 

$user = $_SESSION['username']; 

if ($user) 
{ 
//user is logged in 

if ($_POST['submit']) 
{ 
//start changing password 
//check fields 

$oldpassword = md5($_POST['oldpassword']); 
$newpassword = md5($_POST['newpassword']); 
$repeatnewpassword = md5($_POST['repeatnewpassword']); 

//check password against db 
include('connection.php'); 

$queryget = mysql_query("SELECT password FROM Users WHERE username='$user'") or die ("change password failed"); 
$row = mysql_fetch_assoc($queryget); 
$oldpassworddb = $row['password']; 

//check passwords 
if ($oldpassword==$oldpassworddb) 
{ 
//check two new passwords 
if ($newpassword==$repeatnewpassword) 
{ 
//successs 
//change password in db 

$querychange = mysql_query("UPDATE Users SET password='$newpassword' WHERE username='$user'"); 
session_destroy(); 
die("Your password has been changed. <a href='homepage.php'> Return</a>"); 
} 
else 
die("Old password doesn't match!"); 
} 
else 

echo" 
<form action='changepassword.php' method='POST'> 
Old Password: <input type='text' name='oldpassword'><p> 
New Password: <input type='password' name='newpassword'><p> 
Repeat New Password: <input type='password' name='repeatnewpassword'><p> 
<input type='submit' name ='submit' value='submit'> 
</form> 
"; 
} 
else 
die ("You must be logged in to change your password"); 
} 
?> 

我得到的錯誤如下：

公告：未定義的索引：在提交上/var/www/localhost/htdocs/changepassword.php線11 你必須登錄後更改密碼。

在此先感謝您的幫助。

Answer 1

那麼首先你應該注意到的MySQL已棄用，請使用mysqli或PDO代替More info或類似NullPointer指向More Good Info :)

改變你的代碼是這樣的結尾讓你想爲正確的結果失敗：

}else 
die ("Nothing came from the $_POST variable"); 

}else 
die ("You must be logged in to change your password"); 

的錯誤，你得到的是，也許是因爲你的$ _POST變量沒有設置，使用isset （）來檢查是否設置了$ _POST。例如：

if (isset($_POST['submit'])) 
{ 
//submit post was set 
}else 
{ 
//submit post wasn´t set 
} 

如果您仍然沒有收到任何值，請檢查您的表單。

UPDATE：

看到實際的形式，你必須結束isset代碼保持這樣的形式之前。

<?php 
session_start(); 

$user = $_SESSION['username']; 

if (isset($_SESSION['username'])) 
{ 
//user is logged in 

if (isset($_POST['submit'])) 
{ 
//start changing password 
//check fields 

$oldpassword = md5($_POST['oldpassword']); 
$newpassword = md5($_POST['newpassword']); 


$repeatnewpassword = md5($_POST['repeatnewpassword']); 

//check password against db 
include('connection.php'); 

$queryget = mysql_query("SELECT password FROM Users WHERE username='$user'") or die ("change password failed"); 
$row = mysql_fetch_assoc($queryget); 
$oldpassworddb = $row['password']; 

//check passwords 
if ($oldpassword==$oldpassworddb) 
{ 
//check two new passwords 
if ($newpassword==$repeatnewpassword) 
{ 
//successs 
//change password in db 

$querychange = mysql_query("UPDATE Users SET password='$newpassword' WHERE username='$user'"); 
session_destroy(); 
die("Your password has been changed. <a href='homepage.php'> Return</a>"); 
} 
else 
die("New password doesn't match!"); 

}else 
die("Old password doesn't match!"); 

} 
else 
{ 

echo" 
<form action='changepassword.php' method='POST'> 
Old Password: <input type='text' name='oldpassword'><p> 
New Password: <input type='password' name='newpassword'><p> 
Repeat New Password: <input type='password' name='repeatnewpassword'><p> 
<input type='submit' name ='submit' value='submit'> 
</form> 
"; 
} 

}else 
die ("You must be logged in to change your password"); 


?> 

但你不會看到它，直到你登錄，您的第二個問題是你的$ user變量似乎沒有任何價值。嘗試上述代碼後，如果它不會工作。 ，就把這行後

$user = $_SESSION['username']; 

echo 'Here it shold show the user: '.$user.''; 

，如果它不會出現在您沒有通過會話值權。

一件事，如果你的表格是指向同一個頁面，那它是什麼樣子改變你行這一行：

<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, "utf-8");?>" method='POST'> 

Answer 2

你輸入HTML表單中有

<input type='submit' name ='submit' value='submit'> 

將其更改爲

<input type='submit' name='submit' value='submit'> 

一個額外的空間，您還應該確保

if (isset($_POST['submit']))