我在开发登录系统时遇到了问题。我建立了一个处理多个用户登录的类。我还为管理员用户创建了一个管理员区域。他将能够添加新用户,更改密码,删除用户等。更改用户密码
现在我设法添加新用户并更改密码部分。我现在的问题是关于更改密码部分。
我有一个表具有这种结构:
TABLE user
id int(11) AUTO INCREMENT
admin int(11) DEFAULT 0
username varchar(256)
password varchar(256)
从表中的管理员定义的用户类型,0是用于管理用户谁可以做我在上述正常的用户和1。
我有以下功能改变的userPassword:
public function changeUserPassword($cusrn,$oldPass,$newPass,$newPassConfirm) {
if(strlen($newPass) < 4) {
$error = true;
$message['error'] = true;
$message['message'] = "The Password is to short";
return json_encode($message);
}
elseif($newPass != $newPassConfirm) {
$error = true;
$message['error'] = true;
$message['message'] = "Confirmed Password doesn't match";
return json_encode($message);
}
elseif(!(ALLOW_SPECIAL_CHARACTERS == true) && preg_match('/[\'^£$%&*()}{@#~?><>,|=_+¬-]/', $newPass)) {
$error = true;
$message['error'] = true;
$message['message'] = "Special characters are not allowed";
return json_encode($message);
}
elseif(!(ALLOW_NUMBERS == true) && preg_match('#\d#',$newPass)) {
$error = true;
$message['error'] = true;
$message['message'] = "Numbers are not allowed";
return json_encode($message);
}
elseif(!isset($error)) {
$oldPass = hash_hmac('sha512',$oldPass,$this -> salt($cusrn,$oldPass));
$newPass = hash_hmac('sha512',$newPass,$this -> salt($cusrn,$newPass));
$sql = 'SELECT username,password FROM user WHERE username = ? AND password = ?';
if($stmt = $this->conn->prepare($sql)) {
$stmt->bind_param('ss',$cusrn,$newPass);
$stmt->execute();
$stmt->bind_result($usrn,$passw);
if($stmt->fetch()) {
if($cusrn == $usrn) {
if(!(strcmp($oldPass,$passw) == false)) {
$error = true;
$message['error'] = true;
$message['message'] = "The current Password is incorrect";
return json_encode($message);
}
elseif (!(strcmp($oldPass,$newPass) == false)) {
$stmt->close();
$sql = "UPDATE user SET password = ? WHERE username = '$usrn' LIMIT 1";
if($stmt = $this->conn->prepare($sql)) {
$stmt->bind_param('s',$newPass);
$stmt->execute();
$stmt->close();
$error = false;
$message['error'] = false;
$message['message'] = "Password successfuly changed";
return json_encode($message);
}
else {
$error = true;
$message['error'] = true;
$message['message'] = "Cannot connect to database for updating";
return json_encode($message);
}
}
else {
$error = true;
$message['error'] = true;
$message['message'] = "New Password must not match the old one";
return json_encode($message);
}
}
else {
$error = true;
$message['error'] = true;
$message['message'] = "The current Username is incorrect";
return json_encode($message);
}
}
else {
$error = true;
$message['error'] = true;
$message['message'] = "Cannot fetch data from the database";
return json_encode($message);
}
}
else {
$error = true;
$message['error'] = true;
$message['message'] = "Cannot prepare database connection";
return json_encode($message);
}
}
else {
$error = true;
$message['error'] = true;
$message['message'] = "Check the PHP syntax | Something went wrong";
return json_encode($message);
}
}
我的问题是,如果我尝试输入某个用户名,要么抛出我:
"Cannot fetch data from the database"
,或者不断告诉我:
"The current Username is incorrect"
即使用户名是正确的。虽然它适用于表中存在的最后一行,但我的意思是它适用于放置在表中最后一行的用户名。
我敢肯定我做错了什么,我在问你可能是什么错我在做什么?
至少尝试解决所有这些嵌套的'if'的。 – CodeCaster 2011-12-27 22:28:54
你是什么意思?删除'如果'并且像那样工作?这样我就不知道问题出在哪里...... – Roland 2011-12-27 22:36:30
几个快速编码技巧 - 你的主要if/elseif/else应该缩进到同一级别,它们不是嵌套控件(除非你真的在嵌套它们) 。为什么复制$ message ['error']到$ error时,你可以检查!isset($ message ['error'])。您可以在主if/elseif/else控制块之后将多个return语句移入一个return语句中。你也可以初始化$ message ['error'] = true;在主要的if块之前,只有在它发生的一次时才将其设置为false。这应该使你的代码更加简洁/可读,等等。 – codercake 2011-12-27 22:44:06