search

Home  >  Q&A  >  body text

PHP password change system, the password is still changed after entering the wrong password

<?php 
  session_start (); 
  $username = $_REQUEST ["username"]; 
  $oldpassword = $_REQUEST ["oldpassword"]; 
  $newpassword = $_REQUEST ["newpassword"]; 
  $con = mysql_connect ( "localhost", "root", "root" ); 
  if (! $con) { 
    die ( '数据库连接失败' . $mysql_error () ); 
  } 
  mysql_select_db("mtdb",$con);
  $dbusername = null; 
  $dbpassword = null; 
  $result = mysql_query ( "select * from t_account where username ='{$username}'" ); 
  while ( $row = mysql_fetch_array ( $result ) ) { 
    $dbusername = $row ["username"]; 
    $dbpassword = $row ["password"]; 
  } 
  if (is_null ( $dbusername )) { 
    ?> 
  <script type="text/javascript"> 
    alert("用户名不存在"); 
    window.location.href="changepasswd.html"; 
  </script>  
  <?php 
  } 
  if ($oldpassword!=$dbpassword) { 
    ?> 
  <script type="text/javascript"> 
    alert("密码错误"); 
window.location.href="changepasswd.html"; 
  </script> 
  <?php 
  } 
  mysql_query ( "update t_account set password='{$newpassword}' where username='{$username}'" ) or die ( "存入数据库失败" . mysql_error () );//如果上述用户名密码判定不错,则update进数据库中 
  mysql_close ( $con ); 
  ?> 
  <script type="text/javascript"> 
    alert("密码修改成功"); 
    window.location.href="changepasswd.html"; 
  </script>

The code is written according to http://blog.csdn.net/qazcxh/article/details/45726911. The problem now is that after entering the wrong password, it will prompt that the password is incorrect, but the database will be updated with the new one. Password, please tell me how to change it

**哥是标准身材。**哥是标准身材。2456 days ago1298

reply all(7)I'll reply

  • 段旭涛

    段旭涛2018-03-07 11:04:41

    After displaying the content, the php program will continue to execute until it encounters termination such as die(), exit() or until the execution is completed.
    So there are two ways to deal with your problem

    1. Add die after judgment
    2. Put the code after judgment into else

    reply
    0
    • **哥是标准身材。

    Yes, it was solved after adding die after judgment. When I first started learning PHP, I felt a little overwhelmed after a few more IFs. Why is the CSDN article so imprecise? I put it up without actually testing it. I was also drunk. Fortunately, it didn't cause too much damage. .

    **哥是标准身材。 · 2018-03-07 11:08:36
  • 66

    662018-03-06 16:39:58

    if ($oldpassword!=$dbpassword) {

    ?>

    <script type="text/javascript">

    alert("Password Error");

    window.location.href="changepasswd.html";

    </script>

    <?php

    mysql_query ( "update t_account set password='{$newpassword}' where username='{$username}'" ) or die ( "Failed to save to database" . mysql_error () );//If the above username and password are judged well, then update into the database

    }

    mysql_close ($con);

    ?> 

    这样你吧更新语句放外面,无论什么密码都会更新啊= = 还有 mysql不要用了尽量使用mysqli吧


    reply
    0
    • **哥是标准身材。

    I put it in as you said, and it still looks like this - -

    **哥是标准身材。 · 2018-03-06 17:52:43
    **哥是标准身材。

    Thank you, it has been solved according to the method of the master on the first floor~!

    **哥是标准身材。 · 2018-03-06 18:18:16
  • 炎

    2018-03-06 16:33:46

    The simplest method is

    In the password judgment, after judging that the password is incorrect, add die; to terminate the program

    reply
    0
    • **哥是标准身材。

    Thanks, it’s been taken care of~!

    **哥是标准身材。 · 2018-03-06 18:18:04
    炎

    You are welcome

    · 2018-03-07 09:10:20
  • Cancelreply