大家好,感谢您的宝贵时间。
不管我做了多少研究,我都找不到一个已经讨论过的解决方案。
问题是提交按钮自动重定向,似乎没有发布表单。它一直工作,直到我从MySQL函数转换到MySQLi。除了网站的这一部分,其他一切都正常。
HTML表单(myaccount.inc.php):
<div id="change-password">
<form class="clearfix" action="" method="post">
<div><span class="he1">Change Password</span></div>
<div>
<?php include_once 'controllers/accountController.php'; ?>
</div>
<div><label class="fieldlabel" for="password">Current Password:</label></div>
<input type="password" name="password" id="password" size="23" /><br />
<div><label class="fieldlabel" for="passwordnew1">New Password:</label></div>
<input type="password" name="passwordnew1" id="passwordnew1" size="23" /><br />
<div><label class="fieldlabel" for="passwordnew2">Confirm New Password:</label></div>
<input type="password" name="passwordnew2" id="passwordnew2" size="23" /><br />
<input type="submit" name="submit" value="Change Password" class="bt_changepass" />
</form>
</div>
然后,由于没有更好的术语,这个表单由一些PHP控制。
PHP (accountController.php):
// Checking whether the Password Change form has been submitted.
if(isset($_POST['submit'])=='Change Password')
{
echo "<br />";
// Get the data from the database.
$sql = $mysqli->query("SELECT * FROM ss_members WHERE usr = '".$_SESSION['usr']."' AND pass = '".md5($_POST['password'])."'");
$row = $sql->fetch_assoc();
// Will hold our errors
$err = array();
if($_POST['password'] == "" || $_POST['passwordnew1'] == "" || $_POST['passwordnew2'] == "")
{
$err[] = 'All the fields must be filled in!';
}
if(!$row['pass'] == md5($_POST['password']) && $_POST['passwordnew1'] != "" && $_POST['passwordnew2'] != "")
{
$err[] = 'Current password is not correct!';
}
if($_POST['passwordnew1'] <> $_POST['passwordnew2'])
{
$err[] = 'New passwords do not match!';
}
if(!count($err))
{
if($row['usr'])
{
// If everything is OK change password.
$stmt = $mysqli->prepare("UPDATE ss_members SET pass = md5(?) WHERE usr = {$_SESSION['usr']}");
$stmt->bind_param('s', $_POST['passwordnew1']);
$stmt->execute();
$stmt->close();
echo "Password has been sucessfully updated!<br />";
}
else
{
$err[]='Something broke!';
}
}
if($err)
{
// Save the error messages in the session.
foreach($err as $error)
{
echo $error . "<br />";
}
}
echo "<br />";
}
在您的<form>
标记中没有action
集,它正在将数据发送到相同的文件。即myaccount.inc.php
改为:
<form class="clearfix" action="accountController.php" method="post">
问题是你包含了
<?php include_once 'controllers/accountController.php'; ?>
在报头发送之后。
你可以移动
<?php include_once 'controllers/accountController.php'; ?>
到页面顶部,在处理程序部分中,或者您可以将表单提交到
controllers/accountController.php
<form class="clearfix" action="controllers/accountController.php" method="post">
试试这个:
给accountController.php
设置表单动作
<form class="clearfix" action="accountController.php" method="post">
将action
更改为此,因为accountController.php
存在于controllers
文件夹中。
<form class="clearfix" action="controllers/accountController.php" method="post">
mysqli是一个类,它的函数查询不是静态的,所以在使用$mysqli->query
之前,你必须声明一个mysqli类的实例。
你应该把
$mysqli = new mysqli('localhost', 'my_user', 'my_password', 'my_db');
$sql = $mysqli->query("SELECT * FROM ss_members WHERE usr = '".$_SESSION['usr']."' AND pass = '".md5($_POST['password'])."'");