我认为我需要一个眼睛更好的人来帮助我发现我的错误。我试图更改当前密码而不刷新页面。我收到错误消息“错误,请重试!”。到目前为止,这是我的代码。
的HTML
<form name="resetform" action="changepass.php" id="resetform" class="passform" method="post" role="form">
<h3>Change Your Password</h3>
<br />
<input type="hidden" name="username" value="<?php echo $sname;?>" ></input>
<label>Enter Old Password</label>
<input type="password" class="form-control" name="old_password" id="old_password">
<label>Enter New Password</label>
<input type="password" class="form-control" name="new_password" id="new_password">
<label>Confirm New Password</label>
<input type="password" class="form-control" name="con_newpassword" id="con_newpassword" />
<br>
<input type="submit" class="btn btn-warning" name="password_change" id="submit_btn" value="Change Password" />
</form>
的PHP
<?php
include_once 'database-config.php';
if (isset($_POST['password_change'])) {
$username = strip_tags($_POST['sname']);
$password = strip_tags($_POST['old_password']);
$newpassword = strip_tags($_POST['new_password']);
$confirmnewpassword = strip_tags($_POST['con_newpassword']);
// match username with the username in the database
$sql = "SELECT * FROM users WHERE username='$sname'";
$query = $dbh->prepare($sql);
$query->execute();
$row = $query->fetchAll();
$hash = $row[0]["password"];
//$hash = $results[0]["password"];
if ($password == $hash){
if($newpassword == $confirmnewpassword) {
$sql = "UPDATE users SET password = '$newpassword' WHERE username = '$username'";
$query = $dbh->prepare($sql);
$query->execute();
echo "Password Changed Successfully!";
} else echo "Passwords do not match!";
}
} else echo "Please type your current password accurately!";
}
?>
jQuery的
<script type="text/javascript">
$(document).ready(function() {
var frm = $('#resetform');
frm.submit(function(e){
$.ajax({
type: frm.attr('method'),
url: frm.attr('action'),
data: frm.serialize(),
success: function(data){
$('#success').html("<div id='message'></div>");
$('#message').html("<h2>Password changed successfully!</h2>")
.delay(3000).fadeOut(3000);
},
error: function(data) {
$('#error').html("<div id='errorMessage'></div>");
$('#errorMessage').html("<h3>Error, please try again!</h3>")
.delay(2000).fadeOut(2000);
}
});
e.preventDefault();
});
});
</script>
我将不胜感激任何纠正:-)
最佳答案
您的代码有几个问题,例如:
在这里查看此声明,
if (isset($_POST['password_change'])) { ...
在这里,未设置
$_POST['password_change'],因为jQuery的serialize()不包括编码按钮或提交输入,因此您必须在结果中附加提交按钮的名称和值,如下所示:var formData = frm.serialize();
formData += '&' + $('#submit_btn').attr('name') + '=' + $('#submit_btn').attr('value');
由于该语句,未设置变量
$username,$username = strip_tags($_POST['sname']);
它应该是,
$username = strip_tags($_POST['username']);
在另一个元素内创建一个元素来显示成功/错误消息是没有意义的,并且无论查询结果如何,消息都是相同的。另外,您没有利用服务器的响应
data。请在您的AJAX请求中查看以下这些回调函数,success: function(data){
$('#success').html("<div id='message'></div>");
$('#message').html("<h2>Password changed successfully!</h2>")
.delay(3000).fadeOut(3000);
},
error: function(data) {
$('#error').html("<div id='errorMessage'></div>");
$('#errorMessage').html("<h3>Error, please try again!</h3>")
.delay(2000).fadeOut(2000);
}
相反,制作一个
div元素,如下所示:<div id="message"></div>
并在您的回调函数中显示成功/错误消息,如下所示:
success: function(data){
$('#message').html(data).delay(3000).fadeOut(3000);
},
error: function(jqXHR, textStatus, errorThrown) {
$('#message').html(textStatus).delay(2000).fadeOut(2000);
}
在您的PHP代码中,几乎没有由
Parse error: syntax error, unexpected '}' in ...组成的语法错误。始终准备,绑定和执行查询,以防止进行任何形式的SQL注入。 And this is how you can prevent SQL injection in PHP。
切勿将密码存储为易读的文本,在将原始密码插入表中之前,请始终对原始密码执行salted password hashing。
因此,您的代码应如下所示:
HTML:
<form name="resetform" action="changepass.php" id="resetform" class="passform" method="post" role="form">
<h3>Change Your Password</h3>
<br />
<input type="hidden" name="username" value="<?php echo $sname; ?>" ></input>
<label>Enter Old Password</label>
<input type="password" class="form-control" name="old_password" id="old_password">
<label>Enter New Password</label>
<input type="password" class="form-control" name="new_password" id="new_password">
<label>Confirm New Password</label>
<input type="password" class="form-control" name="con_newpassword" id="con_newpassword" />
<br>
<input type="submit" class="btn btn-warning" name="password_change" id="submit_btn" value="Change Password" />
</form>
<!--display success/error message-->
<div id="message"></div>
jQuery的:
$(document).ready(function() {
var frm = $('#resetform');
frm.submit(function(e){
e.preventDefault();
var formData = frm.serialize();
formData += '&' + $('#submit_btn').attr('name') + '=' + $('#submit_btn').attr('value');
$.ajax({
type: frm.attr('method'),
url: frm.attr('action'),
data: formData,
success: function(data){
$('#message').html(data).delay(3000).fadeOut(3000);
},
error: function(jqXHR, textStatus, errorThrown) {
$('#message').html(textStatus).delay(2000).fadeOut(2000);
}
});
});
});
PHP:
<?php
include_once 'database-config.php';
if (isset($_POST['password_change'])) {
$username = strip_tags($_POST['username']);
$password = strip_tags($_POST['old_password']);
$newpassword = strip_tags($_POST['new_password']);
$confirmnewpassword = strip_tags($_POST['con_newpassword']);
// match username with the username in the database
$sql = "SELECT * FROM `users` WHERE `username` = ? LIMIT 1";
$query = $dbh->prepare($sql);
$query->bindParam(1, $username, PDO::PARAM_STR);
if($query->execute() && $query->rowCount()){
$hash = $query->fetch();
if ($password == $hash['password']){
if($newpassword == $confirmnewpassword) {
$sql = "UPDATE `users` SET `password` = ? WHERE `username` = ?";
$query = $dbh->prepare($sql);
$query->bindParam(1, $newpassword, PDO::PARAM_STR);
$query->bindParam(2, $username, PDO::PARAM_STR);
if($query->execute()){
echo "Password Changed Successfully!";
}else{
echo "Password could not be updated";
}
} else {
echo "Passwords do not match!";
}
}else{
echo "Please type your current password accurately!";
}
}else{
echo "Incorrect username";
}
}
?>
关于php - 使用PHP,Ajax和Jquery更改密码,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/37168637/