未发布php表单的变量_Php_Forms_Post_Get

未发布php表单的变量

php forms post

未发布php表单的变量,php,forms,post,get,Php,Forms,Post,Get,所以我正在做这个密码重置表单。用户点击发送至其电子邮件的链接，然后进入网页输入新密码。当他们提交表单3变量（密码、密钥和电子邮件）时，会将其传递到my functions文件，以更新用户的密码。密码本身已发布，但电子邮件和密钥未发布。我做了一个vardump来查看实际发送的内容，它只是在表单上的email/key值中显示代码。我不确定我做错了什么编辑因此我发现电子邮件/密钥没有被传递到updateUserPassword（）函数。我在下面发布了新的正确表单代码已解决 <?ph

所以我正在做这个密码重置表单。用户点击发送至其电子邮件的链接，然后进入网页输入新密码。当他们提交表单3变量（密码、密钥和电子邮件）时，会将其传递到my functions文件，以更新用户的密码。密码本身已发布，但电子邮件和密钥未发布。我做了一个vardump来查看实际发送的内容，它只是在表单上的email/key值中显示代码。我不确定我做错了什么

编辑因此我发现电子邮件/密钥没有被传递到updateUserPassword（）函数。我在下面发布了新的正确表单代码已解决

     <?php session_start();
include("include/DB_Connect.php"); 
    include("include/DB_Functions.php"); // Connect to database server(localhost) with username and password.  
    mysql_select_db("android_api") or die(mysql_error()); // Select registration database. 
$show = 'emailForm'; //which form step to show by default
if (isset($_POST['subStep']) && !isset($_GET['a']))
{
    switch($_POST['subStep'])
    {
        case 1:
            //we are submitting a new password (only for encrypted)
        if ($_POST['email'] == '' || $_POST['key'] == '') header("location: forgotpw.php");
        if (strcmp($_POST['password'],$_POST['pw1']) != 0 || trim($_POST['password']) == '')
        {
            $error = true;
            $show = 'recoverForm';
        } else {
            $error = false;
            $show = 'recoverSuccess';
            updateUserPassword($_POST['email'],$_POST['password'],$_POST['key']);
            var_dump($_POST['email'],$_POST['password'],$_POST['key']);
        }
        break;
    }
} elseif (isset($_GET['a']) && $_GET['a'] == 'recover' && $_GET['email'] != "") {
    $show = 'invalidKey';
    $result = checkEmailKey(urldecode(base64_decode($_GET['email'])),$_GET['key']);
    if ($result == false)
    {
        $error = true;
        $show = 'invalidKey';
    } elseif ($result['status'] == true) {
        $error = false;
        $show = 'recoverForm';
        $securityUser = $result['email'];
    }
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    <title>Password Recovery</title>
    <link href="assets/css/styles.css" rel="stylesheet" type="text/css">
</head>
<body>
    <div id="header"></div>
    <div id="page">
        <?php switch($show) {
            case 'recoverForm': ?>
            <h2>Password Recovery</h2>
            <p>Welcome back, <?php echo getUserName($securityUser=='' ? $_GET['email'] : $securityUser); ?>.</p>
            <p>In the fields below, enter your new password.</p>
            <?php if ($error == true) { ?><span class="error">The new passwords must match and must not be empty.</span><?php } ?>
            <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
                <div class="fieldGroup"><label for="password">New Password</label><div class="field"><input type="password" class="input" name="password" id="password" value="" maxlength="20"></div></div>
                <div class="fieldGroup"><label for="pw1">Confirm Password</label><div class="field"><input type="password" class="input" name="pw1" id="pw1" value="" maxlength="20"></div></div>
                <input type="hidden" name="subStep" value="1" />
                <input type="hidden" name="email" value="<?php echo $securityUser=='' ? $_POST['email'] : $securityUser; ?>" />
                <input type="hidden" name="key" value="<?php echo $_GET['key']=='' ? $_POST['key'] : $_GET['key']; ?>" />
                <div class="fieldGroup"><input type="submit" value="Submit" style="margin-left: 150px;" /></div>
                <div class="clear"></div>
            </form>
            <?php break; case 'invalidKey': ?>
            <h2>Invalid Key</h2>
            <p>The key that you entered was invalid. Either you did not copy the entire key from the email, you are trying to use the key after it has expired (3 days after request), or you have already used the key in which case it is deactivated.<br /><br /><a href="login.php">Return</a> to the login page. </p>
            <?php break; case 'recoverSuccess': ?>
            <h2>Password Reset</h2>
            <p>Congratulations! your password has been reset successfully.</p><br /><br /><a href="login.php">Return</a> to the login page. </p>    
            <?php break; }
            ob_flush();
            $mySQL->close();
            ?>
        </div>
    </body>
    </html>

如果正确地传递了值（就像您测试的那样），则

updateUserPassword（）

的代码可能有错误，我不确定我的函数有什么问题。我在我的OP中发布了函数代码。这需要更多的调试。这是即使是最有经验的程序员也必须经常做的事情。哪里出了问题？你在哪一点上丢失数据？我不知道我在哪里丢失数据。我在mysql中手动运行这些查询，以确保它们是正确的。我不知道很多关于调试SQL函数的问题。作为一个建议，考虑使用MySQLI。mysql_*函数已被正式弃用

    function updateUserPassword($email,$password,$key)
{
    global $mySQL;
    if (checkEmailKey($email,$key) === false) return false;
    if ($SQL = $mySQL->prepare("UPDATE `users` SET `encrypted_password` = ? WHERE `email` = ?"))
    {
        $password = md5(trim($password) . PW_SALT);
        $SQL->bind_param('ss',$email,$password);
        $SQL->execute();
        $SQL->close();
        $SQL = $mySQL->prepare("DELETE FROM `recoveryemails_enc` WHERE `Key` = ?");
        $SQL->bind_param('s',$key);
        $SQL->execute();
    }
}