修改用户密码-更新数据库表PHP/JAVA


Changing password of user - Update Database Table PHP/JAVA

我一直在尝试自己做一个'更改密码'功能。这意味着当用户想要更改密码时,将弹出一个对话框,其中显示三个字段:旧密码,新密码和确认新密码。旧密码由SharedPreferences处理。

public void invokeChangePass 可以正常工作,所以你不需要看那一部分。

问题出在php文件和private void updateDataBase中。它不会修改数据库中的用户密码。

除了 php 文件和 updateDatabase 函数之外,其余部分都能正常工作,所以不用担心。

有用的笔记:

  • 我知道它容易受到 SQL 注入攻击。这不是我现在的首要任务。
  • emailKey 和 passKey 是用户登录时在 SharedPreferences 中生成的。
  • 应该在数据库中找到EmailKey,以便更改该用户的密码。
  • 这是我一段时间之前写的,所以其中可能有一些愚蠢的错误,或者有我忘记添加的东西。

非常感谢。

JAVA文件:

 public class ChangePassDialog extends Activity {
    private EditText setOldPass;
    private EditText setNewPass;
    private EditText setNewPass2;
    public static final String MyPREFERENCES = "MyPrefs";
    SharedPreferences sharedpreferences;
    /**
     * Inflates the change-password layout and caches references to its three input fields.
     *
     * @param savedInstanceState saved state, handed through to {@code super.onCreate}
     */
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.dialog_changepass);

        // The three lookups are independent of one another; each field is resolved once here
        // and reused by the click handler.
        this.setNewPass2 = (EditText) findViewById(R.id.setNewPass2);
        this.setNewPass = (EditText) findViewById(R.id.setNewPass);
        this.setOldPass = (EditText) findViewById(R.id.setOldPass);
    }
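    /**
     * Validates the three password fields and, when they pass, sends the new password to the server.
     *
     * <p>The new password is accepted when the old password equals the value cached under
     * "passKey", its length is between 6 and 30, both new entries are identical, and it contains
     * at least one upper-case letter, one lower-case letter and one digit. Any other input is
     * handed to {@code errorTest}.
     *
     * <p>NOTE(review): the old password is compared with a copy read from SharedPreferences, so
     * this check runs on the device only and depends on the password being kept on the device in
     * clear text. The server should verify the old password (or a session) itself.
     *
     * @param view the view that triggered the call
     */
    public void invokeChangePass(View view) {
        String oldpass = setOldPass.getText().toString();
        String pass = setNewPass.getText().toString();
        String pass2 = setNewPass2.getText().toString();
        sharedpreferences = getSharedPreferences(MyPREFERENCES, Context.MODE_PRIVATE);
        String passKey = sharedpreferences.getString("passKey", "DEFAULT");
        String name = sharedpreferences.getString("emailKey", "DEFAULT");

        boolean oldPassMatches = oldpass.equals(passKey);
        boolean lengthOk = pass.length() >= 6 && pass.length() <= 30;
        // The former "pass2.length() >= 0" test was always true; equality with pass is the
        // only condition on the confirmation field.
        boolean confirmed = pass.equals(pass2);
        // A string that differs from its lower-cased form contains an upper-case character,
        // and the other way round.
        boolean mixedCase = !pass.equals(pass.toLowerCase()) && !pass.equals(pass.toUpperCase());
        // At least one digit anywhere in the password. The pattern needs the escaped \d class.
        boolean hasDigit = pass.matches(".*\\d+.*");

        if (oldPassMatches && lengthOk && confirmed && mixedCase && hasDigit) {
            updateDatabase(pass, name);
            setNewPass2.requestFocus();
            setNewPass2.setError("TEST WORKING.");
        } else {
            errorTest(oldpass, pass, pass2);
        }
    }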
    /**
     * Posts the account name and the new password to changepass.php from a background task and
     * opens the Settings screen when the server answers "success".
     *
     * <p>NOTE(review): the request goes to a plain {@code http://} URL, so the new password is
     * sent unencrypted; the endpoint should be served over HTTPS. The request body carries only
     * {@code name} and {@code pass}, so nothing in it shows the server that the caller knows the
     * current password -- that comparison is made on the device before this method is called.
     *
     * @param pass the new password
     * @param name the account identifier used in the server-side WHERE clause
     */
    private void updateDatabase(String pass, String name) {
        class SendPostReqAsyncTask extends AsyncTask<String, Void, String> {
            @Override
            protected String doInBackground(String... params) {
                // Order matches the execute(name, pass) call at the bottom of the method.
                String name = params[0];
                String pass = params[1];
                List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
                nameValuePairs.add(new BasicNameValuePair("pass", pass));
                nameValuePairs.add(new BasicNameValuePair("name", name));
                try {
                    HttpClient httpClient = new DefaultHttpClient();
                    HttpPost httpPost = new HttpPost("http://calisapp.esy.es/changepass.php");
                    // No charset is given for the form body here.
                    httpPost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
                    HttpResponse response = httpClient.execute(httpPost);
                    InputStream entity = response.getEntity().getContent();
                    // No charset is given for the reader either, so the platform default applies.
                    // NOTE(review): neither the reader nor the stream is closed in this method.
                    InputStreamReader inputStream = new InputStreamReader(entity);
                    BufferedReader bufferedReader = new BufferedReader(inputStream);
                    StringBuilder stringBuilder = new StringBuilder();
                    String bufferedStrChunk = null;
                    // readLine() drops line terminators, so the body is joined into one line.
                    while ((bufferedStrChunk = bufferedReader.readLine()) != null) {
                        stringBuilder.append(bufferedStrChunk);
                    }
                    return stringBuilder.toString();
                // NOTE(review): both handlers are empty. A failed request falls through to the
                // empty-string return below, onPostExecute then does nothing, and the failure is
                // neither logged nor shown to the user.
                } catch (ClientProtocolException e) {
                } catch (IOException e) {
                }
                return "";
            }
            @Override
            protected void onPostExecute(String result) {
                super.onPostExecute(result);
                String s = result.trim();
                // Only the literal reply "success" (any letter case) is acted on; every other
                // reply, including an empty one, is ignored without feedback.
                if(s.equalsIgnoreCase("success")){
                        Intent intent = new Intent(ChangePassDialog.this, Settings.class);
                        startActivity(intent);
                        Toast.makeText(ChangePassDialog.this, "Registered successfully", Toast.LENGTH_LONG).show();
                        finish();
                    }

                        //                loadingDialog.dismiss();
            }
            }
        SendPostReqAsyncTask sendPostReqAsyncTask = new SendPostReqAsyncTask();
        sendPostReqAsyncTask.execute(name,pass);
        }
PHP文件:

<?php
// Database connection settings (placeholder values on this page).
define('HOST','X');
define('USER','X');
define('PASS','X');
define('DB','X');
// NOTE(review): the connection result is not checked before it is used below.
$con = mysqli_connect(HOST,USER,PASS,DB);
// Both values are taken directly from the request body.
$name = $_POST['name'];
$pass = $_POST['pass'];

// NOTE(review): the request values are interpolated into the SQL text, which is the SQL
// injection the author mentions; a prepared statement with bound parameters removes it.
// NOTE(review): the password is written exactly as received. Storing password_hash() output
// and checking it with password_verify() at login would avoid clear-text passwords, but the
// login code (not shown here) has to change together with this script.
// NOTE(review): nothing in this script checks that the caller knows the current password or
// is logged in as $name.
 $sql = "UPDATE tbl_user SET password='$pass' WHERE username = '$name'";
  // mysqli_query() returns true for an UPDATE that ran without error, including one whose
  // WHERE clause matched no row; on failure nothing is printed.
  if(mysqli_query($con,$sql)){
       echo 'success';
  }
mysqli_close($con);
?>

首先,我认为使用 AsyncTask 不是一个好主意,因为它可能会导致一些问题。

但是,好吧,这不是你的首要任务,也不是你的问题,所以我们继续吧。

把下面的第一行改为第二行:

// Before: no charset argument is passed for the form body.
httpPost.setEntity(new UrlEncodedFormEntity(nameValuePairs));

// After: the form body is encoded as UTF-8 explicitly.
httpPost.setEntity(new UrlEncodedFormEntity(nameValuePairs,"UTF-8"));

把下面的第一段代码改为第二段:

// Before: the body is read line by line through a reader created without a charset.
InputStreamReader inputStream = new InputStreamReader(entity);
BufferedReader bufferedReader = new BufferedReader(inputStream);
StringBuilder stringBuilder = new StringBuilder();
String bufferedStrChunk = null;
while ((bufferedStrChunk = bufferedReader.readLine()) != null) {
    stringBuilder.append(bufferedStrChunk);
}
return stringBuilder.toString();

// After: the whole response body is decoded as UTF-8 in one call.
// NOTE(review): the question's code already has this execute(...) line just above the lines
// being replaced; presumably it is repeated here for context, so keep a single call.
HttpResponse response = httpClient.execute(httpPost);
String resp = EntityUtils.toString(response.getEntity(),"UTF-8");
return resp;

试着把你的php文件改成

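<?php
    // Database connection settings (placeholder values on this page).
    define('HOST','X');
    define('USER','X');
    define('PASS','X');
    define('DB','X');

    // Test the raw request fields: isset() on a variable that was just assigned from a missing
    // $_POST key would already have raised a notice.
    if (isset($_POST['name'], $_POST['pass'])) {
        $name = $_POST['name'];
        $pass = $_POST['pass'];

        $mysqli = new mysqli(HOST,USER,PASS,DB);
        if ($mysqli->connect_error) {
            die('Error while connecting to database!');
        }

        // Both request values are bound as parameters, so they are never parsed as SQL text.
        // NOTE(review): the password is still stored as received. Storing password_hash()
        // output and checking it with password_verify() at login is the usual fix, but the
        // login code (not shown here) has to change together with this script.
        // NOTE(review): this script changes the password of whichever username is posted; it
        // should also verify the current password or an authenticated session.
        $stmt = $mysqli->prepare("UPDATE tbl_user SET password = ? WHERE username = ?");
        if ($stmt) {
            $stmt->bind_param('ss', $pass, $name);
            // execute() succeeding does not mean a row changed; $stmt->affected_rows tells
            // whether the username matched and the value differed.
            if ($stmt->execute()) {
                echo "success";
            }
            $stmt->close();
        }
        $mysqli->close();
    }
?>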