你好,我的mysql很弱,所以你是我最后的希望。我在一个现成的简单登录脚本上写了一个网站,但我想扩展它的功能。
所以我在我的 mysql 数据库中添加了一个 GOAL 列,我正在尝试添加用户在 php 网站中更改此值的功能。
屏幕
我尝试修改现有的代码 profile.php,它允许您更新基本信息(如姓名、性别、电子邮件、密码)以编辑目标值,但它不起作用。
profile.php 文件如下所示:
<?php
$userName = '';
$email = '';
if(isset($_GET['error']))
{
if($_GET['error'] == 'emptyemail')
{
echo 'Naleźy wprowadzić adres e-mail
';
$email = $_GET['mail'];
}
else if ($_GET['error'] == 'invalidmail')
{
echo 'Wprowadź poprawny adres e-mail
';
}
else if ($_GET['error'] == 'emptyoldpwd')
{
echo 'Aby zmienić hasło, należy wprowadzić poprzednie
';
}
else if ($_GET['error'] == 'emptynewpwd')
{
echo 'Wprowadź nowe hasło
';
}
else if ($_GET['error'] == 'emptyreppwd')
{
echo 'Potwierdź nowe hasło
';
}
else if ($_GET['error'] == 'wrongpwd')
{
echo 'To nie jest twoje obecne hasło! Użyj obecnego
';
}
else if ($_GET['error'] == 'samepwd')
{
echo 'Nowe hasło nie może być takie samo jak poprzednie
';
}
else if ($_GET['error'] == 'passwordcheck')
{
echo '*Confirmation password is not the same as the new password
';
}
}
else if (isset($_GET['edit']) == 'success')
{
echo 'Profil został zaktualizowany
';
}
?>
Informacje podstawowe
>
Zmień zdjęcie profilowe
<input type="file" name='dp' value=>
<input type="text" id="f-name" name="f-name" placeholder="Imię" value=>
<input type="text" id="l-name" name="l-name" placeholder="Nazwisko" value=>
Informacje dodatkowe
<input type="text" id="headline" name="headline" placeholder="Podaj nagłówek" value=''>
Dane logowania
<input type="text" id="userUid" name="userUid" placeholder="" disabled>
<input type="email" id="email" name="email" placeholder="email" value=>
用户应该能够通过设置他的“目标”来选择多个值,这些值在数据库中定义为 1、2、3、4、5、6.
问题在于,只要用户不注销,它就只能在录制的会话期间工作。 mysql中的值是常数,所以我认为问题出在goal.inc.php中。
这是包含/profileUpdate.inc.php 的样子:
<?php
session_start();
if (isset($_POST['update-profile']))
{
require 'dbh.inc.php';
$email = $_POST['email'];
$f_name = $_POST['f-name'];
$l_name = $_POST['l-name'];
$oldPassword = $_POST['old-pwd'];
$password = $_POST['pwd'];
$passwordRepeat = $_POST['pwd-repeat'];
$gender = $_POST['gender'];
$headline = $_POST['headline'];
$bio = $_POST['bio'];
if (empty($email))
{
header("Location: ../profile.php?error=emptyemail");
exit();
}
else if (!filter_var($email, FILTER_VALIDATE_EMAIL))
{
header("Location: ../profile.php?error=invalidmail");
exit();
}
else
{
$sql = "SELECT * FROM users WHERE uidUsers=?;";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql))
{
header("Location: ../profile.php?error=sqlerror");
exit();
}
else
{
mysqli_stmt_bind_param($stmt, "s", $_SESSION['userUid']);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
if($row = mysqli_fetch_assoc($result))
{
$pwdChange = false;
if( (!empty($password) || !empty($passwordRepeat)) && empty($oldPassword))
{
header("Location: ../profile.php?error=emptyoldpwd");
exit();
}
if( empty($password) && empty($passwordRepeat) && !empty($oldPassword))
{
header("Location: ../profile.php?error=emptynewpwd");
exit();
}
if (!empty($password) && empty($passwordRepeat) && !empty($oldPassword))
{
header("Location: ../profile.php?error=emptyreppwd");
exit();
}
if (empty($password) && !empty($passwordRepeat) && !empty($oldPassword))
{
header("Location: ../profile.php?error=emptynewpwd");
exit();
}
if (!empty($password) && !empty($passwordRepeat) && !empty($oldPassword))
{
$pwdCheck = password_verify($oldPassword, $row['pwdUsers']);
if ($pwdCheck == false)
{
header("Location: ../profile.php?error=wrongpwd");
exit();
}
if ($oldPassword == $password)
{
header("Location: ../profile.php?error=samepwd");
exit();
}
if ($password !== $passwordRepeat)
{
header("Location: ../profile.php?error=passwordcheck&mail=".$email);
exit();
}
$pwdChange = true;
}
$FileNameNew = $_SESSION['userImg'];
require 'upload.inc.php';
$sql = "UPDATE users "
. "SET f_name=?, "
. "l_name=?, "
. "emailUsers=?, "
. "gender=?, "
. "headline=?, "
. "bio=?, "
. "userImg=? ";
if ($pwdChange)
{
$sql .= ", pwdUsers=? "
. "WHERE uidUsers=?;";
}
else
{
$sql .= "WHERE uidUsers=?;";
}
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql))
{
header("Location: ../profile.php?error=sqlerror");
exit();
}
else
{
if ($pwdChange)
{
$hashedPwd = password_hash($password, PASSWORD_DEFAULT);
mysqli_stmt_bind_param($stmt, "sssssssss", $f_name, $l_name, $email,
$gender, $headline, $bio,
$FileNameNew, $hashedPwd, $_SESSION['userUid']);
}
else
{
mysqli_stmt_bind_param($stmt, "ssssssss", $f_name, $l_name, $email,
$gender, $headline, $bio,
$FileNameNew, $_SESSION['userUid']);
}
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
$_SESSION['emailUsers'] = $email;
$_SESSION['f_name'] = $f_name;
$_SESSION['l_name'] = $l_name;
$_SESSION['gender'] = $gender;
$_SESSION['headline'] = $headline;
$_SESSION['bio'] = $bio;
$_SESSION['userImg'] = $FileNameNew;
header("Location: ../profile.php?edit=success");
exit();
}
}
else
{
header("Location: ../profile.php?error=sqlerror");
exit();
}
}
}
mysqli_stmt_close($stmt);
mysqli_close($conn);
}
else
{
header("Location: ../profile.php");
exit();
}
所以我的问题是,php 代码应该如何工作并允许更改 GOAL 值。
暂无评论内容