如果& PHP 脚本中的 AND 语句
我正在尝试制作一个表单,用户可以通过该表单更新他们的“电子邮件地址”和“密码”。
我正在尝试合并以下场景:
- 如果用户更改了他们的电子邮件地址,那么我希望现有的“密码”、“密码提示”和盐字段保留其当前值。
- 如果用户更改密码,我需要创建一个新的“盐”值,添加到密码字段并使用 sha1 加密
- 最后,如果用户更改所有字段,则“电子邮件地址”、“密码”、“密码”提示和“盐”字段都需要更新。
这是我尝试组合的代码:
if (isset($_POST["amendyourdetails"]))
{
$password = $_POST["password"];}
$confirmpassword = $_POST["confirmpassword"];
$passwordhint = $_POST["passwordhint"];
if ($password >=0){
$salt = uniqid(mt_rand());
$encrypted = sha1($password . $salt);
if ($emailaddress >=0){
$emailaddress = $_POST['emailaddress'];
mysql_query("UPDATE `userdetails` SET `emailaddress` = '$emailaddress',`password` = '$encrypted', `passwordhint` = '$passwordhint', `salt` = '$salt' WHERE `userid` = 1");
$msg = "Your password has been successfully reset.";
}
}
else if ($password == 0 ){
if (emailaddress > 0){
mysql_query("UPDATE `userdetails` SET `emailaddress` = '$emailaddress' WHERE `userid` = 1");
$msg = "Your password has been successfully reset.";
}
}
}
?>
<html>
<head>
<title>Amend Your Details</title>
<style type="text/css">
<!--
.style1 {font-family: Calibri
}
.style9 { font-family: Calibri;
font-size: 24px;
background-color: #78AFC5;
}
.style7 {
font-family: Calibri;
font-size: 16px;
background-color: #FFFFFF;
}
.style10 {color: #FF0000}
-->
</style>
<script src="gen_validatorv4.js" type="text/javascript"></script>
</head>
<body>
<div align="center"><span class="style9">Amend Your Details </span></div>
<p class="style7"><span class="style10">
<?php
if (isset($msg)) // this is special section for
// outputing message
{
?>
</span>
<p class="style7">
<span class="style10">
<?=$msg?>
</span>
<p class="style7"><span class="style10">
<?php
}
?>
</span>
<form name="amendyourdetails" id="amendyourdetails" action="amendyourdetails.php" method="post">
<table width="418" border="1">
<tr>
<td width="195"><span class="style1">Email Address:</span></td>
<td width="220"><span class="style1">
<input name="emailaddress" type="email" value="<?php echo $emailaddress;?>" size="25"/>
</span></td>
</tr>
<tr>
<td><span class="style1">New Password:</span></td>
<td><span class="style1">
<input name="password" id="password" type="password" size="30"/>
</span></td>
</tr>
<tr>
<td><span class="style1">Confirm New Password:</span></td>
<td><span class="style1">
<input name="confirmpassword" id="confirmpassword" type="password" size="30"/>
</span></td>
</tr>
<tr>
<td><span class="style1">New Password Hint:</span></td>
<td><span class="style1">
<input name="passwordhint" id="passwordhint" type="text" size="30"/>
</span></td>
</tr>
</table>
<p>
<input name="amendyourdetails" type="submit" value="Amend Your Details">
</p>
</form>
<script language="JavaScript" type="text/javascript">
var frmvalidator = new Validator("amendyourdetails");
frmvalidator.addValidation("emailaddress","email","Please enter a valid email address");
// frmvalidator.addValidation("password","minlen=6", "Minimum length for a password is 6 characters");
frmvalidator.addValidation("confirmpassword","eqelmnt=password", "The confirmed password is not the same as the password");
// frmvalidator.addValidation("passwordhint","req","Please provide a hint for your password");
</script>
</body>
</html>
我遇到的最大问题是,一旦页面运行,就会发生“更新”操作,但我的“电子邮件地址”和“密码提示”字段中的值已被更改删除了,我不知道为什么。
更新代码
if (isset($_POST["amendyourdetails"]))
{
$emailaddress = $_POST['emailaddress'];
$password = $_POST["password"];}
$confirmpassword = $_POST["confirmpassword"];
$passwordhint = $_POST["passwordhint"];
if ($_POST["password"] isset()
{
$salt = uniqid(mt_rand());
$encrypted = sha1($password . $salt);
mysql_query("UPDATE `userdetails` SET `emailaddress` = '$emailaddress',`password` = '$encrypted', `passwordhint` = '$passwordhint', `salt` = '$salt' WHERE `userid` = 1");
$msg = "Your password has been successfully reset.";
}
}
I'm trying to put together a form whereby users can update their 'email address' and 'password'.
I'm trying to incorporate the following scenarios:
- If the user changes their email address, then I want the existing 'password', 'password hint', and salt fields to be left with their current values.
- If the user changes their password, I need a new 'salt' value to be created, added to the password field and encrypted with sha1
- Lastly, if the user changes all fields then the 'email adresss', 'password', 'password' hint and 'salt' fields all need to be updated.
This is the code I've tried to put together:
if (isset($_POST["amendyourdetails"]))
{
$password = $_POST["password"];}
$confirmpassword = $_POST["confirmpassword"];
$passwordhint = $_POST["passwordhint"];
if ($password >=0){
$salt = uniqid(mt_rand());
$encrypted = sha1($password . $salt);
if ($emailaddress >=0){
$emailaddress = $_POST['emailaddress'];
mysql_query("UPDATE `userdetails` SET `emailaddress` = '$emailaddress',`password` = '$encrypted', `passwordhint` = '$passwordhint', `salt` = '$salt' WHERE `userid` = 1");
$msg = "Your password has been successfully reset.";
}
}
else if ($password == 0 ){
if (emailaddress > 0){
mysql_query("UPDATE `userdetails` SET `emailaddress` = '$emailaddress' WHERE `userid` = 1");
$msg = "Your password has been successfully reset.";
}
}
}
?>
<html>
<head>
<title>Amend Your Details</title>
<style type="text/css">
<!--
.style1 {font-family: Calibri
}
.style9 { font-family: Calibri;
font-size: 24px;
background-color: #78AFC5;
}
.style7 {
font-family: Calibri;
font-size: 16px;
background-color: #FFFFFF;
}
.style10 {color: #FF0000}
-->
</style>
<script src="gen_validatorv4.js" type="text/javascript"></script>
</head>
<body>
<div align="center"><span class="style9">Amend Your Details </span></div>
<p class="style7"><span class="style10">
<?php
if (isset($msg)) // this is special section for
// outputing message
{
?>
</span>
<p class="style7">
<span class="style10">
<?=$msg?>
</span>
<p class="style7"><span class="style10">
<?php
}
?>
</span>
<form name="amendyourdetails" id="amendyourdetails" action="amendyourdetails.php" method="post">
<table width="418" border="1">
<tr>
<td width="195"><span class="style1">Email Address:</span></td>
<td width="220"><span class="style1">
<input name="emailaddress" type="email" value="<?php echo $emailaddress;?>" size="25"/>
</span></td>
</tr>
<tr>
<td><span class="style1">New Password:</span></td>
<td><span class="style1">
<input name="password" id="password" type="password" size="30"/>
</span></td>
</tr>
<tr>
<td><span class="style1">Confirm New Password:</span></td>
<td><span class="style1">
<input name="confirmpassword" id="confirmpassword" type="password" size="30"/>
</span></td>
</tr>
<tr>
<td><span class="style1">New Password Hint:</span></td>
<td><span class="style1">
<input name="passwordhint" id="passwordhint" type="text" size="30"/>
</span></td>
</tr>
</table>
<p>
<input name="amendyourdetails" type="submit" value="Amend Your Details">
</p>
</form>
<script language="JavaScript" type="text/javascript">
var frmvalidator = new Validator("amendyourdetails");
frmvalidator.addValidation("emailaddress","email","Please enter a valid email address");
// frmvalidator.addValidation("password","minlen=6", "Minimum length for a password is 6 characters");
frmvalidator.addValidation("confirmpassword","eqelmnt=password", "The confirmed password is not the same as the password");
// frmvalidator.addValidation("passwordhint","req","Please provide a hint for your password");
</script>
</body>
</html>
The biggest problem I have is that as soon as the page is run, the 'update' action takes place, but values from my 'email address' and 'passwordhint' fields have been deleted and I'm not sure why.
UPDATED CODE
if (isset($_POST["amendyourdetails"]))
{
$emailaddress = $_POST['emailaddress'];
$password = $_POST["password"];}
$confirmpassword = $_POST["confirmpassword"];
$passwordhint = $_POST["passwordhint"];
if ($_POST["password"] isset()
{
$salt = uniqid(mt_rand());
$encrypted = sha1($password . $salt);
mysql_query("UPDATE `userdetails` SET `emailaddress` = '$emailaddress',`password` = '$encrypted', `passwordhint` = '$passwordhint', `salt` = '$salt' WHERE `userid` = 1");
$msg = "Your password has been successfully reset.";
}
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
你的意思是 if(strlen($password) >=0){ ??还是伊塞特??
不管怎样,试试这个:
但是:从来没有想过 SQL 注入?
顺便说一句:抱歉我的英语不好。
Do you mean if(strlen($password) >=0){ ?? Or isset??
Whatever, try this:
But: Never thought about SQL Injections?
Btw: Sorry for my bad english.
您正在检测 $password 是否大于或等于 0。如果未定义,则计算结果为 true。您想要检查 $_POST["password"] 是否 isset()。
You're detecting if $password is more than or equal to 0. This will evaluate to true if it is not defined. You want to check if $_POST["password"] isset().