猿问

回到首页 个人中心 反馈问题 注册登录
下载APP
首页 课程 实战 体系课 手记 专栏 慕课教程

使用 php 在 pgadmin 上更改密码时出现问题

我正在编写一个 PHP 文件以允许用户更改密码,但我遇到了一个奇怪的问题。我需要旧密码来确认帐户和新密码。鉴于凭据正确,此页面总是返回用户密码不正确,因此返回第 12 行“旧密码错误”中的回显。如果我在 pgAdmin 查询工具中启动“select * from utente”来查看密码,我在密码框中看不到任何变化。然后,如果我返回表单更改密码,如果我在旧密码框中输入我之前想更改的新密码,但似乎没有被接受,因为以前没有识别出旧密码,程序成功。我发誓我不明白为什么。我认为这是 md5 中的错误,但它也不适合 sha1。我知道两者都不安全,但现在我必须使用其中之一。我该如何解决?提前致谢


<?php

    $dbconn = pg_connect("host=localhost port=5432 dbname=progetto user=postgres password=password")

    or die('Could not connect:' . pg_last_error());

    if(!(isset($_POST['changeButton']))){

        header("Location: utente.php");

    }else{

        $email = $_COOKIE["cookieEmail"];

        $oldPassword = sha1($_POST['oldpassword']);

        $q1="select * from utente where email = $1 and password = $2";

        $result=pg_query_params($dbconn,$q1,array($email, $oldPassword));

        if($line=pg_fetch_array($result ,null ,PGSQL_ASSOC)){

            echo "<h1>Old password wrong</h1>

            <a href=formCambiaPassword.php>Click here</a>";

        }else{

            $newPassword = sha1($_POST['newpassword']);

            $q2 = "update utente set password=$1 where email=$2";

            $result=pg_query_params($dbconn, $q2, array($newPassword, $email));

            if($result==true){

                $q3="select * from utente where email = $1 and password = $2";

                $result=pg_query_params($dbconn,$q3,array($email, $newPassword));

                if($line=pg_fetch_array($result ,null ,PGSQL_ASSOC)){

                    echo "<h1>Error</h1>

                    <a href=formCambiaPassword.php>Click here</a>";

                }else{

                    header("Location: utente.php");

                }

            }else{

                echo "<h1>Error 2</h1>

                        <a href=formCambiaPassword.php>Click here</a>";

            }

        }

    }

?>


芜湖不芜
浏览 128回答 1
1回答

郎朗坤

您的 if 语句在应该检查 false 时正在寻找 true。if(!pg_fetch_array($result ,null ,PGSQL_ASSOC)){您的代码应如下所示:<?php$dbconn = pg_connect("host=localhost port=5432 dbname=progetto user=postgres password=password")or die('Could not connect:' . pg_last_error());if(!(isset($_POST['changeButton']))){&nbsp; &nbsp; header("Location: utente.php");}else{&nbsp; &nbsp; $email = $_COOKIE["cookieEmail"];&nbsp; &nbsp; $oldPassword = sha1($_POST['oldpassword']);&nbsp; &nbsp; $q1="select * from utente where email = $1 and password = $2";&nbsp; &nbsp; $result=pg_query_params($dbconn,$q1,array($email, $oldPassword));&nbsp; &nbsp; if(!pg_fetch_array($result ,null ,PGSQL_ASSOC)){&nbsp; &nbsp; &nbsp; &nbsp; echo "<h1>Old password wrong</h1>&nbsp; &nbsp; &nbsp; &nbsp; <a href=formCambiaPassword.php>Click here</a>";&nbsp; &nbsp; }else{&nbsp; &nbsp; &nbsp; &nbsp; $newPassword = sha1($_POST['newpassword']);&nbsp; &nbsp; &nbsp; &nbsp; $q2 = "update utente set password=$1 where email=$2";&nbsp; &nbsp; &nbsp; &nbsp; $result=pg_query_params($dbconn, $q2, array($newPassword, $email));&nbsp; &nbsp; &nbsp; &nbsp; if($result==true){&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $q3="select * from utente where email = $1 and password = $2";&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $result=pg_query_params($dbconn,$q3,array($email, $newPassword));&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; if($line=pg_fetch_array($result ,null ,PGSQL_ASSOC)){&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; echo "<h1>Error</h1>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <a href=formCambiaPassword.php>Click here</a>";&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }else{&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; header("Location: utente.php");&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; }else{&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; echo "<h1>Error 2</h1>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <a href=formCambiaPassword.php>Click here</a>";&nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; }}?>
0
打开App,查看更多内容
随时随地看视频慕课网APP

相关分类

PHP
php如何把参数放在Http Request Heade???? 1 回答