什么应该是一个简单的代码不是为我工作。它正在显示HTML哇!消息,但实际上并没有提交数据。
$forgetKeyEmail = mysql_real_escape_string($_GET['key']);
$resetUsername = mysql_real_escape_string($_POST['inputUser']);
if ($_GET['do'] == "update")
{
$hasher = new PasswordHash(10, false);
$resetPassword = $hasher->HashPassword(mysql_real_escape_string($_POST['inputPassword']));
if ($_POST['inputPassword'] !== "")
{
mysql_query("UPDATE users SET password = '$resetPassword' WHERE forgetKey = '$forgetKeyEmail'");
?>
<div class="alert alert-success" style="margin:0;">
<strong>Woooo!</strong> Your password has been changed, you can now <a href="login.php">login.</a>
</div>
<?php
}
else
{
?>
<div class="alert alert-error" style="margin:0;">
<strong>Woops!</strong> You need to fill out a password!
</div>
<?php
}
}
下面是HTML格式的参考:
<form method="POST" class="form-horizontal" action="?do=update" >
<div class="control-group">
<label class="control-label" for="inputPassword">New Password</label>
<div class="controls">
<input type="text" id="inputPassword" name="inputPassword" placeholder="Password">
</div>
</div>
<div class="control-group">
<div class="controls">
<button type="submit" class="btn btn-primary">Reset!</button>
</div>
</div>
</form>
下面一行有一个小错误:
<form method="POST" class="form-horizontal" action="?do=update" >
当表单提交时,url是..?do=update。
$forgetKeyEmail = mysql_real_escape_string($_GET['key']);
因此,$forgetKeyEmail为空字符串,因为url中没有键,即$_GET['key']未设置。
<form method="POST" class="form-horizontal" action=?do=update&key=<?php echo $forgetKeyEmail; ?>
很可能是大小写敏感或拼写错误等愚蠢的事情。仔细检查表和字段名、查询字符串值等的大小写