Home  >  Article  >  Backend Development  >  How to implement the function of changing login password in php? (code example)

How to implement the function of changing login password in php? (code example)

PHPz
PHPzOriginal
2023-04-03 14:40:311543browse

In website development, the user account system is an essential part, and security is one of its core. In order to ensure the security of users' accounts, it is very necessary to provide the function of changing login passwords. Implementing this function requires writing some code. Let's take a look at how to write PHP code to modify the login password.

First, we need to create a password change form to provide users with an operable interface. Here, we use simple HTML code:

<form action="modifypwd.php" method="post">
    旧密码:<input type="password" name="oldpwd"><br>
    新密码:<input type="password" name="newpwd"><br>
    确认新密码:<input type="password" name="newpwd2"><br>
    <input type="submit" name="submit" value="提交">
</form>

The POST method is used in the form and submitted to the modifypwd.php file for processing. The form includes input boxes for entering the old password, new password, and password confirmation. The types of all input boxes are password types, and the content entered by the user will not be displayed.

Next, we start writing PHP code to process the form data submitted by the user. In the modifypwd.php file, we can use the following code to obtain the form data:

$oldpwd = $_POST['oldpwd'];
$newpwd = $_POST['newpwd'];
$newpwd2 = $_POST['newpwd2'];

The above code obtains the old password, new password and confirmation password entered by the user in the form through the $_POST variable. At this time, we need to perform some data legality checks to ensure the correctness and security of user input data. For example, determine whether the new password entered by the user is consistent with the confirmed password:

if ($newpwd !== $newpwd2) {
    echo '两次输入的新密码不一致';
    exit;
}

Next, we need to obtain the user's old password from the database and verify whether the old password is correct. It is assumed here that we have stored the user's account and password information in the user table, and the password is stored using MD5 encryption. You can use the following code to judge:

$oldpwd_md5 = md5($oldpwd);
$sql = "SELECT pwd FROM user WHERE username='xxx' and pwd='$oldpwd_md5'";
$result = mysqli_query($conn, $sql);
if (!$result || mysqli_num_rows($result) !== 1) {
    echo '旧密码输入错误';
    exit;
}

Among them, we use the md5() function to encrypt the old password entered by the user, and then obtain the user's password information from the database to determine whether it is consistent with the entered password. . Here xxx represents the username.

Finally, if there is no problem with the data entered by the user, we need to encrypt and store the new password in the database:

$newpwd_md5 = md5($newpwd);
$sql = "UPDATE user SET pwd='$newpwd_md5' WHERE username='xxx'";
if (!mysqli_query($conn, $sql)) {
    echo '密码修改失败';
    exit;
}
echo '密码修改成功';

The update statement is used to encrypt the user's new password and update it to the database. At this point, the process of changing the password has been completed.

To sum up, the above is the PHP code to change the login password. When writing such functions, you need to pay attention to data security. We can ensure the security of user data through encryption, data verification and other means. At the same time, for operations that modify the database, transaction processing is required to ensure the integrity and consistency of the operations.

The above is the detailed content of How to implement the function of changing login password in php? (code example). For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn