php中修改密码的脚本应该是什么?
<form action="final_change_pwd.php" method="post">
<table cellpadding="5" cellspacing="20">
<tr>
<td> Current Password: </td>
<td> <input type="text" name="txtoldpwd" /> </td>
</tr>
<tr>
<td> New Password: </td>
<td> <input type="text" name="txtnewpwd" /> </td>
</tr>
<tr>
<td> Confirm Password: </td>
<td> <input type="text" name="txtnewpwd" /> </td>
</tr>
<tr>
<td colspan="2"> <input type="submit" name="submit" value="Change Password" /> </td>
</tr>
</table>
</form>
// 这是我的表单,我需要一个脚本来弄清楚更改密码的过程应该是什么......! // 有人可以帮助我吗???
<form action="final_change_pwd.php" method="post">
<table cellpadding="5" cellspacing="20">
<tr>
<td> Current Password: </td>
<td> <input type="text" name="txtoldpwd" /> </td>
</tr>
<tr>
<td> New Password: </td>
<td> <input type="text" name="txtnewpwd" /> </td>
</tr>
<tr>
<td> Confirm Password: </td>
<td> <input type="text" name="txtnewpwd" /> </td>
</tr>
<tr>
<td colspan="2"> <input type="submit" name="submit" value="Change Password" /> </td>
</tr>
</table>
</form>
// This is the form I have and I need a script to figure out what the process of changing password should be...!
// Anyone there to help me???
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
修复确认密码输入字段的名称,因为它与新密码相同。还将用户 ID 作为隐藏字段一起发送到表单中。
过程是:
检查用户 ID 和当前密码。如果它们匹配:
检查新密码是否与确认相符。
然后将其保存到数据库。
不过,这个过程本身并不是最困难的部分,确保一切安全才是最困难的。尝试在发布之前对值进行加密(可用 JavaScript 执行此操作),然后对它们进行加盐。检查新密码是否满足可能的密码要求(也是 javascript,在发布之前),例如至少 6 个字符长,其中包含数字等,甚至在发布任何内容之前检查新密码和构造是否可以匹配JavaScript。
不过作为建议,也许您应该考虑根本不自己这样做,因为它永远不会像应有的那样安全。
Fix the name of the input field for Confirm Password as it is the same as New Password. Also send the user ID along in the form as a hidden field.
Process would be to:
check the userid and current password. if they match:
check if new password matches the conformation.
then save it to db.
the process itself is not the hard part though, securing everything is. try to encrypt values before you post it (javascripts available that do this), and salt them afterwards. check if the new password meets possible password requirements (also javascript, before you post it) like at least 6 chars long, has a number in it etc, and even checking if the new password and conformation match can be done before you post anything using javascript.
As advice though, maybe you should consider not doing this yourself at all, because it will never be as secure as it should be.
有很多在线资源,例如此网站,可以引导您完成需要执行的操作: http://www.plus2net.com/php_tutorial/php_change_password.php
There are plenty of resources online like this site that can walk you through what you need to do: http://www.plus2net.com/php_tutorial/php_change_password.php