1. 首頁
  2. 問答
  3. Php中的密碼更改,Php返回空白

Php中的密碼更改,Php返回空白

2011-11-29 26 views
-1

我正在嘗試爲我嘗試創建的網站創建密碼更改頁面。但是,當用戶輸入信息到表單時,它會將我發送到空白頁面。換句話說,我的PHP代碼甚至沒有執行,我不知道爲什麼。我嘗試了幾種不同的方式,但我不完全確定發生了什麼。這是我第一次做一個設置頁面或網站,所以也許它是一個簡單的錯誤,或者我正在做的全部錯誤。這是我的PHP代碼。Php中的密碼更改,Php返回空白

<!-- 
To change this template, choose Tools | Templates 
and open the template in the editor. 
--> 
<!DOCTYPE html> 
<html> 
    <head> 
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 
     <title></title> 
    </head> 
    <body> 
     <?php 
     $db_server = "server"; 
     $db_username = "name"; 
     $db_password = "pass"; 

     $con = mysql_connect($db_server, $db_username, $db_password); 
     if (!$con) { 
      die('Could not connect: ' . mysql_error()); 
     } 

     $database = "Account_Holder"; 

     $er = mysql_select_db($db_username); 
     if (!$er) { 
      print ("Error - Could not select the database"); 
      exit; 
     } 
     $username = $_P0ST['username']; 
     $cur_password = $_POST['cur_password']; 
     $password = $_POST['password']; 
     $password2 = $_POST['password2']; 

     // Check for an existing password. 
     if (isset($_POST['cur_password'])) 
      { 
      $pass = FALSE; 
      print('<p>You forgot to enter your existing password!</p>'); 
     } 
     else { 
      $pass = escape_data($_POST['cur_password']); 
     } 
     // Check for a password and match against the confirmed password. 
     if (empty($_POST['password'])) 
      { 
      $newpass = FALSE; 
      print('<p>You forgot to enter your new password!</p>'); 
      } 
     else 
      { 
      if ($_POST['password'] == $_POST['password2']) { 
       $newpass = escape_data($_POST['password']); 
      } 
      else 
       { 
       $newpass = FALSE; 
       $message .= '<p>Your new password did not match the confirmed new password!</p>'; 
       } 


     if ($pass && $newpass) { // If checking passes 
      $query = "SELECT * FROM Account_Holder WHERE password='$pass')"; 
      $result = mysql_query($query); 
      $num = mysql_num_rows($result); 
      if ($num == 1) { 
       $row = mysql_fetch_array($result); 

// Make the query. 
       $query = ("UPDATE Account_Holder SET password='$newpass' WHERE username=$username"); 
       $result = mysql_query($query); // Run the query. 
       if (mysql_affected_rows() == 1) { // If it ran OK. 

        echo '<p><b>Your password has been changed.</b></p>'; 
       } 

       else 
       { // If query failed. 

        print('<p>Your password was not changed.</p><p>' . mysql_error() . '</p>'); 
       } 
      } else 
       { 
       print('<p>Your username and password did not match any in the database.</p>'); 
       } 
     } 
      else 
       { 
       print('<p>Please try again.</p>'); 
      } 
      } 


     ?> 

    </body> 
</html> 











    <!-- 
I also did it this way and all the validations work and it says the password was updated but it does not change in the database. Is something wrong with my sql? 
    --> 

<!DOCTYPE html> 
<html> 
    <head> 
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 
     <title>Change Password Confrim</title> 
    </head> 
    <body> 
     <?php 
     $db_server = "server"; 
     $db_username = "name"; 
     $db_password = "pass"; 

     $con = mysql_connect($db_server, $db_username, $db_password);if (!$con) 
       { 
        die('Could not connect: ' . mysql_error()); 
       } 

       $database = "Account_Holder"; 

       $er = mysql_select_db($db_username); 
     if (!$er) 
     { 
     print ("Error - Could not select the database"); 
     exit; 
     }   


//include "include/session.php"; 
// check the login details of the user and stop execution if not logged in 
//require "check.php"; 
//////////Collect the form data //////////////////// 
$username =$_P0ST['username']; 
$todo=$_POST['todo']; 
$password=$_POST['password']; 
$password2=$_POST['password2']; 
///////////////////////// 

if(isset($todo) and $todo=="change-password"){ 
$password = mysql_real_escape_string($password); 
$password2 = mysql_real_escape_string($password2); 

//Setting flags for checking 
$status = "OK"; 
$msg=""; 

//Checking to see if password is at least 3 char max 8 
if (strlen($password) < 3 or strlen($password) > 8) 
{ 
    $msg=$msg."Password must be more than 3 char legth and maximum 8 char lenght<br/>"; 
    $status= "NOTOK"; 
}     

//Checking to see if both passwords match 
if ($password <> $password2) 
{ 
    $msg=$msg."Both passwords are not matching<br/>"; 
    $status= "NOTOK"; 
}     

if($status<>"OK") 
{ 
    echo "<font face='Verdana' size='2' color=red>$msg</font><br><center><input type='button' value='Retry' onClick='history.go(-1)'></center>"; 
} 
else 
{ // if all validations are passed. 
    if(mysql_query("UPDATE Account_Holder SET password='$password' WHERE username='$username'")) 
    { 
     echo "<font face='Verdana' size='2' ><center>Thanks <br> Your password changed successfully.</font></center>"; 
    } 
    else 
    { 
     echo "<font face='Verdana' size='2' color=red><center>Sorry <br> Failed to change password.</font></center>"; 
    } 
} 
} 
//require "bottom.php"; 

?> 
<center> 
<br><br><a href='Settings.html'>Settings Page</a></center> 

</body> 

</html>

來源

2011-11-29 Allie

+0

你可能想看看你的例如Apache日誌,PHP可能會抱怨有錯誤 – daisy

+2

你在$ _POST ['username']中捕獲0嗎? –

+0

正如@MorganDelaney所指出的那樣,應該有一個0'$ username = $ _P0ST ['username'];' –

回答

3

我希望我可以留下評論。但不是。 你有很多代碼中的錯誤,如這一

$username = $_P0ST['username'];

即時猜測錯誤報告被關閉的頁面上,這樣你就不會看到語法錯誤,而你只是得到一個空白頁。

打開錯誤。這可能工作。

error_reporting(E_ALL);

來源

2011-11-29 02:37:04

0

幾點意見:

$er = mysql_select_db($db_username);

這是錯誤的變量。

$username = $_P0ST['username'];

零,而不是字母O.

 $query = "SELECT * FROM Account_Holder WHERE password='$pass')"; 


  $query = ("UPDATE Account_Holder SET password='$newpass' WHERE username=$username");

,你可以說 「SQL注入」?此外,缺少關於用戶名值的引號。如上所述,您似乎有錯誤報告。要麼是這樣,要麼你有輸出緩衝的地方,還有另一個語法錯誤。

來源

2011-11-29 02:49:16

相關問題

 相關問題