doupo6967 2014-08-27 13:29
浏览 28
已采纳

如果密码与确认密码php不同,则停止进程

hi guys im making update for registration . i already have make the coding and password must be update same with confirm password . i already try this. it appear "please check password and confirm password " in alert box. but when i check at database wrong confirm password still in database . example password : admin01 but userconfirm : admin02. how do i stop the process if password doesnt equal confirm password. thank you

<?php
session_start();
?>

<?php

include('config1.php');
$username=$_SESSION['username'];


$userid=$_POST['userid'];
$useremail=$_POST['useremail'];
$userdiv=$_POST['userdiv'];
$userdepartment=$_POST['userdepartment'];
$userpass=$_POST['userpass'];
$userconfirm=$_POST['userconfirm'];

// update data in mysql database 
$sql="UPDATE login SET userid='$userid', useremail='$useremail', userdiv='$userdiv', userdepartment='$userdepartment', userpass='$userpass',userconfirm='$userconfirm' WHERE username='$username'";
$result=mysql_query($sql);
if($result)
{
   if ($_POST['userpass'] == $_POST['userconfirm']) 
   {
    echo ("<SCRIPT LANGUAGE='JavaScript'>
    window.alert('UPDATE SUCCESS')
    window.location.href='userMain.php';
    exit();
    </SCRIPT>");
   }
   else
    {
    echo ("<SCRIPT LANGUAGE='JavaScript'>
    window.alert('PLEASE CHECK YOUR PASSWORD AND CONFIRM PASSWORD')
    window.location.href='updateUser.php';
    exit();
    </SCRIPT>");
     }
}    
else
{
    echo ("<SCRIPT LANGUAGE='JavaScript'>
    window.alert('UPDATE ERROR ')
    window.location.href='updateUser.php';
    exit();
    </SCRIPT>");


}   

?>

i think it must put something in else right ? i dont know what to put to end the process if password != confirm password

  • 写回答

1条回答 默认 最新

  • douqiao8032 2014-08-27 13:33
    关注

    The problem is that you are updating the database in the first place and then you verify if the password doesn't match. You must verify first and if everything is ok update the database.

    Another thing you must take care about:

    • SQL Injection - your script is very vulnerably.
    • mysql_ functions are deprecated, use PDO or mysqli_ functions instead.

    Code example:

    if ($_POST['userpass'] != $_POST['userconfirm']) {
    die("<SCRIPT LANGUAGE='JavaScript'>
            window.alert('PLEASE CHECK YOUR PASSWORD AND CONFIRM PASSWORD');
            window.location.href='updateUser.php';
          </SCRIPT>");
}

$userid = mysql_real_escape_string($_POST['userid']);
// ... put all the variables here

$sql="UPDATE login 
      SET userid='$userid'
        , useremail='$useremail'
        , userdiv='$userdiv'
        , userdepartment='$userdepartment'
        , userpass='$userpass'
        , userconfirm='$userconfirm'
      WHERE username='$username'";

if(!mysql_query($sql)) {

    die("<SCRIPT LANGUAGE='JavaScript'>
            window.alert('UPDATE ERROR');
            window.location.href='updateUser.php';
          </SCRIPT>");
}

echo "<SCRIPT LANGUAGE='JavaScript'>
        window.alert('UPDATE SUCCESS');
        window.location.href='userMain.php';
      </SCRIPT>");
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 如何在scanpy上做差异基因和通路富集?
  • ¥20 关于#硬件工程#的问题,请各位专家解答!
  • ¥15 关于#matlab#的问题:期望的系统闭环传递函数为G(s)=wn^2/s^2+2¢wn+wn^2阻尼系数¢=0.707,使系统具有较小的超调量
  • ¥15 FLUENT如何实现在堆积颗粒的上表面加载高斯热源
  • ¥30 截图中的mathematics程序转换成matlab
  • ¥15 动力学代码报错,维度不匹配
  • ¥15 Power query添加列问题
  • ¥50 Kubernetes&Fission&Eleasticsearch
  • ¥15 報錯:Person is not mapped,如何解決?
  • ¥15 c++头文件不能识别CDialog