dongzhang7961 2013-05-11 13:58 采纳率: 0%
浏览 53
已采纳

PHP中更改密码脚本时出错

I created a PHP script that allows a user on my website to change their password once registered, but am getting an error when I try to open it on the site. I believe it is due to a syntax error on my part but I can't seem to spot it. Can someone take a look and see what you can find? Here is the script:

<?php

session_start();

$user = $_SESSION['username'];

if ($user)
{
//user is logged in

if ($_POST['submit'])
{
//start changing password
//check fields

$oldpassword = md5($_POST['oldpassword']);
$newpassword = md5($_POST['newpassword']);
$repeatnewpassword = md5($_POST['repeatnewpassword']);

//check password against db
include('connection.php');

$queryget = mysql_query("SELECT password FROM Users WHERE username='$user'") or die ("change password failed");
$row = mysql_fetch_assoc($queryget);
$oldpassworddb = $row['password'];

//check passwords
if ($oldpassword==$oldpassworddb)
{
//check two new passwords
if ($newpassword==$repeatnewpassword)
{
//successs
//change password in db

$querychange = mysql_query("UPDATE Users SET password='$newpassword' WHERE   username='$user'");
session_destroy();
die("Your password has been changed. <a href='homepage.php'> Return</a>");
}
else 
die("Old password doesn't match!");
}
else

echo"
<form action='changepassword.php' method='POST'>
Old Password: <input type='text' name='oldpassword'><p>
New Password: <input type='password' name='newpassword'><p>
Repeat New Password: <input type='password' name='repeatnewpassword'><p>
<input type='submit' name ='submit' value='submit'>
</form>
";
 }
 else 
die ("You must be logged in to change your password");
}
 ?>

The error I am getting is as follows:

Notice: Undefined index: submit in /var/www/localhost/htdocs/changepassword.php on line 11 You must be logged in to change your password.

Thanks in advance for your help.

  • 写回答

2条回答 默认 最新

  • dpzbh1779 2013-05-11 14:15
    关注

    Well first you should notice that mysql is deprecated, use mysqli or PDO instead More info or like NullPointer has pointed More Good Info :)

    change the end of your code like this to get the right results that you want for fail:

     }else 
    die ("Nothing came from the $_POST variable");
    
    }else 
    die ("You must be logged in to change your password");
    

    The error that your getting is maybe because your $_POST variable isn't set, use isset() to check if $_POST was set.example:

    if (isset($_POST['submit']))
    {
    //submit post was set 
    }else
    {
    //submit post wasn´t set
    }
    

    If you still not getting any value, check your form.

    UPDATE:

    to see the actual form you must end the isset before the form your code stays like this:

    <?php
    session_start();
    
    $user = $_SESSION['username'];
    
    if (isset($_SESSION['username']))
    {
    //user is logged in
    
    if (isset($_POST['submit']))
    {
    //start changing password
    //check fields
    
    $oldpassword = md5($_POST['oldpassword']);
    $newpassword = md5($_POST['newpassword']);
    
    
    $repeatnewpassword = md5($_POST['repeatnewpassword']);
    
    //check password against db
    include('connection.php');
    
    $queryget = mysql_query("SELECT password FROM Users WHERE username='$user'") or die ("change password failed");
    $row = mysql_fetch_assoc($queryget);
    $oldpassworddb = $row['password'];
    
    //check passwords
    if ($oldpassword==$oldpassworddb)
    {
    //check two new passwords
    if ($newpassword==$repeatnewpassword)
    {
    //successs
    //change password in db
    
    $querychange = mysql_query("UPDATE Users SET password='$newpassword' WHERE   username='$user'");
    session_destroy();
    die("Your password has been changed. <a href='homepage.php'> Return</a>");
    }
    else 
    die("New password doesn't match!");
    
    }else 
    die("Old password doesn't match!");
    
    }
    else
    {
    
    echo"
    <form action='changepassword.php' method='POST'>
    Old Password: <input type='text' name='oldpassword'><p>
    New Password: <input type='password' name='newpassword'><p>
    Repeat New Password: <input type='password' name='repeatnewpassword'><p>
    <input type='submit' name ='submit' value='submit'>
    </form>
    ";
     }
    
     }else 
    die ("You must be logged in to change your password");
    
    
    ?>
    

    But you wont see it until your logged in. Your second problem is that your $user variable seems to dont have any value. after trying the above code if it wont work. put this line after

    $user = $_SESSION['username'];
    
    echo 'Here it shold show the user: '.$user.'';
    

    if it wont show up your not passing the session value right.

    One more thing, if your form is pointing to same page, thats what it looks like change your line to this line:

    <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, "utf-8");?>" method='POST'>
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 为什么shp文件会有这种小方块?
  • ¥15 ecplise在连接数据库时显示加载驱动成功但是数据库连接失败
  • ¥15 visionmaster启动失败,提示为“机器不满足授权而被禁用”
  • ¥50 用logisim设计16位单时钟周期cpu
  • ¥15 IDEA中圈复杂度如何具体设置
  • ¥50 labview采集不了数据
  • ¥15 Multisim红外倒车雷达仿真中距离问题
  • ¥15 请上面代码做什么处理或什么混淆
  • ¥15 英雄联盟自定义房间置顶
  • ¥15 W5500网线插上无反应