我目前正在做一个忘记密码重设在基层。下面的代码似乎没有在显示任何错误消息或甚至用新密码更新数据库方面发挥作用。请帮忙。PHP代码没有显示任何错误信息
<?php
include('../config/connection.php');
if (isset($_POST['submit'])){
if (isset($_GET['encrypt'])){
$get_email = $_GET['email'];
$get_encrypt = $_GET['encrypt'];
$q = "SELECT * FROM users WHERE email = '$get_email'";
$r = mysqli_query($dbc, $q) OR die(mysqli_error());
$row = mysqli_fetch_assoc($r);
$db_encrypt = $row['passreset'];
$db_email = $row['email'];
if ($get_email == $db_email AND $get_encrypt == $db_encrypt){
$newpass = mysqli_real_escape_string($dbc,$_POST['newpass']);
$newpass1 = mysqli_real_escape_string($dbc,$_POST['newpass1']);
$post_email = $_POST['email'];
$encrypt = $_GET['encrypt'];
$passrst = md5(SHA1($newpass));
if ($newpass == '' OR $newpass1 == '') {
$message = 'Both fields required';
}
if($newpass != $newpass1) {
$message = 'passwords dont match, please try again';
} if(strlen($newpass)<6 OR strlen($newpass1)>20) {
$message = 'Password must be 6 to 20 characters';
}
if ($message == ''){
$q = "UPDATE users SET password='$passrst' AND passreset='0' WHERE email='$email'";
$r = mysqli_query($dbc, $q);
}
} else "something went wrong please try again.";
}
}
?>
//错误显示代码
<?php
if(isset($message) AND $message !=''){
echo '<p style="color:#c43235">'.$message.'</p>';
}else {
echo '<span id="alrt">'.$sent.'</span>';
}
mysqli_close($dbc);
?>
请使用PHP的[内置函数(HTTP:// jayblanchard 。净/正确密码hashhaffing_with_PHP.html)来处理密码安全性。如果您使用的PHP版本低于5.5,则可以使用'password_hash()'[兼容包](https://github.com/ircmaxell/password_compat)。 –
*“代码似乎没有在显示任何错误消息方面发挥作用”* - 这是因为您没有检查它们,或者您的系统未设置为捕捉/记录/显示它们。 –
*我敢打赌,在error.log中有消息Ralph。* @ Fred-ii- –