Php 中的密码更改,Php 返回空白

发布于 2024-12-18 14:48:53 字数 6043 浏览 0 评论 0原文

我正在尝试为我正在尝试创建的网站创建一个密码更改页面。然而,当用户在表单中输入信息时,它会将我发送到一个空白页面。换句话说,我的 php 代码甚至没有执行,我不知道为什么。我尝试了几种不同的方法,但我不完全确定发生了什么。这是我第一次制作一般的设置页面或网站,所以也许这是一个简单的错误,或者我的做法都是错误的。这是我的 php 代码。

 <!--
To change this template, choose Tools | Templates
and open the template in the editor.
-->
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title></title>
    </head>
    <body>
        <?php
        $db_server = "server";
        $db_username = "name";
        $db_password = "pass";

        $con = mysql_connect($db_server, $db_username, $db_password);
        if (!$con) {
            die('Could not connect: ' . mysql_error());
        }

        $database = "Account_Holder";

        $er = mysql_select_db($db_username);
        if (!$er) {
            print ("Error - Could not select the database");
            exit;
        }
        $username = $_P0ST['username'];
        $cur_password = $_POST['cur_password'];
        $password = $_POST['password'];
        $password2 = $_POST['password2'];

        // Check for an existing password.
        if (isset($_POST['cur_password'])) 
            {
            $pass = FALSE;
            print('<p>You forgot to enter your existing password!</p>');
        }
        else {
            $pass = escape_data($_POST['cur_password']);
        }
        // Check for a password and match against the confirmed password.
        if (empty($_POST['password'])) 
            {
            $newpass = FALSE;
            print('<p>You forgot to enter your new password!</p>');
            } 
        else 
            {
            if ($_POST['password'] == $_POST['password2']) {
                $newpass = escape_data($_POST['password']);
            } 
            else
                {
                $newpass = FALSE;
                $message .= '<p>Your new password did not match the confirmed new password!</p>';
                }


        if ($pass && $newpass) { // If checking passes 
            $query = "SELECT * FROM Account_Holder WHERE password='$pass')";
            $result = mysql_query($query);
            $num = mysql_num_rows($result);
            if ($num == 1) {
                $row = mysql_fetch_array($result);

// Make the query.
                $query = ("UPDATE Account_Holder SET password='$newpass' WHERE username=$username");
                $result = mysql_query($query); // Run the query.
                if (mysql_affected_rows() == 1) { // If it ran OK.

                    echo '<p><b>Your password has been changed.</b></p>';
                } 

                else 
                 { // If query failed.

                    print('<p>Your password was not changed.</p><p>' . mysql_error() . '</p>');
                }
            } else
                {
                print('<p>Your username and password did not match any in the database.</p>');
                }
        }
            else 
                {
                print('<p>Please try again.</p>');
            }
            }


        ?> 

    </body>
</html>











   <!--
 I also did it this way and all the validations work and it says the password was updated but it does not change in the database. Is something wrong with my sql?
    -->

<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Change Password Confrim</title>
    </head>
    <body>
        <?php
      $db_server = "server";
       $db_username = "name";
       $db_password = "pass";

       $con = mysql_connect($db_server, $db_username, $db_password);if (!$con)
                {
                    die('Could not connect: ' . mysql_error());
                }

               $database = "Account_Holder";  

              $er = mysql_select_db($db_username);
        if (!$er) 
        {
         print ("Error - Could not select the database");
         exit;
        }        


//include "include/session.php";
// check the login details of the user and stop execution if not logged in
//require "check.php";
//////////Collect the form data ////////////////////
$username =$_P0ST['username'];
$todo=$_POST['todo'];
$password=$_POST['password'];
$password2=$_POST['password2'];
/////////////////////////

if(isset($todo) and $todo=="change-password"){
$password = mysql_real_escape_string($password);
$password2 = mysql_real_escape_string($password2);

//Setting flags for checking
$status = "OK";
$msg="";

//Checking to see if password is at least 3 char max 8 
if ( strlen($password) < 3 or strlen($password) > 8 )
{
    $msg=$msg."Password must be more than 3 char legth and maximum 8 char lenght<br/>";
    $status= "NOTOK";
}                   

//Checking to see if both passwords match 
if ( $password <> $password2 )
{
    $msg=$msg."Both passwords are not matching<br/>";
    $status= "NOTOK";
}                   

if($status<>"OK")
{ 
    echo "<font face='Verdana' size='2' color=red>$msg</font><br><center><input type='button' value='Retry' onClick='history.go(-1)'></center>";
}
else
{ // if all validations are passed.
    if(mysql_query("UPDATE Account_Holder SET password='$password' WHERE username='$username'"))
    {
        echo "<font face='Verdana' size='2' ><center>Thanks <br> Your password changed successfully.</font></center>";
    }
    else
    {
        echo "<font face='Verdana' size='2' color=red><center>Sorry <br> Failed to change password.</font></center>";
    }
}
}
//require "bottom.php";

?>
<center>
<br><br><a href='Settings.html'>Settings Page</a></center> 

</body>

</html>

I am trying to create a password change page for a website I am attempting to make. However when the user enters in the information to the form it sends me to a blank page. In other words my php code is not even executing and I am not sure why. I have tried it a few different ways but I am not entirely sure whats going on. This is my first time making a settings page or website in general so maybe its a simple mistake or I'm going about it all wrong. Here is my php code.

 <!--
To change this template, choose Tools | Templates
and open the template in the editor.
-->
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title></title>
    </head>
    <body>
        <?php
        $db_server = "server";
        $db_username = "name";
        $db_password = "pass";

        $con = mysql_connect($db_server, $db_username, $db_password);
        if (!$con) {
            die('Could not connect: ' . mysql_error());
        }

        $database = "Account_Holder";

        $er = mysql_select_db($db_username);
        if (!$er) {
            print ("Error - Could not select the database");
            exit;
        }
        $username = $_P0ST['username'];
        $cur_password = $_POST['cur_password'];
        $password = $_POST['password'];
        $password2 = $_POST['password2'];

        // Check for an existing password.
        if (isset($_POST['cur_password'])) 
            {
            $pass = FALSE;
            print('<p>You forgot to enter your existing password!</p>');
        }
        else {
            $pass = escape_data($_POST['cur_password']);
        }
        // Check for a password and match against the confirmed password.
        if (empty($_POST['password'])) 
            {
            $newpass = FALSE;
            print('<p>You forgot to enter your new password!</p>');
            } 
        else 
            {
            if ($_POST['password'] == $_POST['password2']) {
                $newpass = escape_data($_POST['password']);
            } 
            else
                {
                $newpass = FALSE;
                $message .= '<p>Your new password did not match the confirmed new password!</p>';
                }


        if ($pass && $newpass) { // If checking passes 
            $query = "SELECT * FROM Account_Holder WHERE password='$pass')";
            $result = mysql_query($query);
            $num = mysql_num_rows($result);
            if ($num == 1) {
                $row = mysql_fetch_array($result);

// Make the query.
                $query = ("UPDATE Account_Holder SET password='$newpass' WHERE username=$username");
                $result = mysql_query($query); // Run the query.
                if (mysql_affected_rows() == 1) { // If it ran OK.

                    echo '<p><b>Your password has been changed.</b></p>';
                } 

                else 
                 { // If query failed.

                    print('<p>Your password was not changed.</p><p>' . mysql_error() . '</p>');
                }
            } else
                {
                print('<p>Your username and password did not match any in the database.</p>');
                }
        }
            else 
                {
                print('<p>Please try again.</p>');
            }
            }


        ?> 

    </body>
</html>











   <!--
 I also did it this way and all the validations work and it says the password was updated but it does not change in the database. Is something wrong with my sql?
    -->

<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Change Password Confrim</title>
    </head>
    <body>
        <?php
      $db_server = "server";
       $db_username = "name";
       $db_password = "pass";

       $con = mysql_connect($db_server, $db_username, $db_password);if (!$con)
                {
                    die('Could not connect: ' . mysql_error());
                }

               $database = "Account_Holder";  

              $er = mysql_select_db($db_username);
        if (!$er) 
        {
         print ("Error - Could not select the database");
         exit;
        }        


//include "include/session.php";
// check the login details of the user and stop execution if not logged in
//require "check.php";
//////////Collect the form data ////////////////////
$username =$_P0ST['username'];
$todo=$_POST['todo'];
$password=$_POST['password'];
$password2=$_POST['password2'];
/////////////////////////

if(isset($todo) and $todo=="change-password"){
$password = mysql_real_escape_string($password);
$password2 = mysql_real_escape_string($password2);

//Setting flags for checking
$status = "OK";
$msg="";

//Checking to see if password is at least 3 char max 8 
if ( strlen($password) < 3 or strlen($password) > 8 )
{
    $msg=$msg."Password must be more than 3 char legth and maximum 8 char lenght<br/>";
    $status= "NOTOK";
}                   

//Checking to see if both passwords match 
if ( $password <> $password2 )
{
    $msg=$msg."Both passwords are not matching<br/>";
    $status= "NOTOK";
}                   

if($status<>"OK")
{ 
    echo "<font face='Verdana' size='2' color=red>$msg</font><br><center><input type='button' value='Retry' onClick='history.go(-1)'></center>";
}
else
{ // if all validations are passed.
    if(mysql_query("UPDATE Account_Holder SET password='$password' WHERE username='$username'"))
    {
        echo "<font face='Verdana' size='2' ><center>Thanks <br> Your password changed successfully.</font></center>";
    }
    else
    {
        echo "<font face='Verdana' size='2' color=red><center>Sorry <br> Failed to change password.</font></center>";
    }
}
}
//require "bottom.php";

?>
<center>
<br><br><a href='Settings.html'>Settings Page</a></center> 

</body>

</html>

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

尽揽少女心 2024-12-25 14:48:53

我希望我能发表评论。但没有。
您的代码中有很多错误,例如

$username = $_P0ST['username'];

我猜测页面上的错误报告已关闭,因此您看不到语法错误,而只是得到一个空白页面。

打开错误。这可能有效。

error_reporting(E_ALL);

I wish I could just leave a comment. But no.
You have a lot of errors in your code such as this

$username = $_P0ST['username'];

Im guessing error reporting is turned off on the page, so you don't see the syntax errors, and you just get a blank page.

Turn on errors. This may work.

error_reporting(E_ALL);
灯角 2024-12-25 14:48:53

一些评论:

    $er = mysql_select_db($db_username); 

这是错误的变量。

    $username = $_P0ST['username']; 

用零代替字母 O。

        $query = "SELECT * FROM Account_Holder WHERE password='$pass')";   

            $query = ("UPDATE Account_Holder SET password='$newpass' WHERE username=$username");   

你能说“SQL 注入”吗 此外,用户名值周围缺少引号。

正如上面 Adam Meyer 所提到的,您似乎关闭了错误报告。要么是这样,要么你在某处有输出缓冲,并且那里还有另一个语法错误。

A few comments:

    $er = mysql_select_db($db_username); 

This is the wrong variable.

    $username = $_P0ST['username']; 

A zero instead of a letter O.

        $query = "SELECT * FROM Account_Holder WHERE password='$pass')";   

and

            $query = ("UPDATE Account_Holder SET password='$newpass' WHERE username=$username");   

Can you say "SQL injection"? Also, missing quotes around the username value.

As mentioned by Adam Meyer above, you appear to have error reporting off. Either that, or you have output buffering somewhere and yet another syntax error in there.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文