PHP login password modification code

In website development, in order to ensure the security of user accounts, it is often necessary to provide the function of changing login passwords. This article will introduce a login password modification code written in PHP to help developers implement this function.

First, we need a login page where users enter their username and password to log in. When the user logs in successfully, a button to change the password will be displayed. The user can click the button to jump to the page to change the password.

The following is the code of the login page:

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8">
        <title>登录页面</title>
    </head>
    <body>
        <h1>登录页面</h1>
        <form action="login.php" method="post">
            <label for="username">用户名：</label>
            <input type="text" id="username" name="username" required>
            <br>
            <label for="password">密码：</label>
            <input type="password" id="password" name="password" required>
            <br>
            <input type="submit" value="登录">
        </form>
    </body>
</html>

In this page, we pass the user name and password to the PHP file named login.php through the form to determine the user login. .

The following is the code of the login.php file:

<?php
session_start();

if (isset($_POST['username']) && isset($_POST['password'])) {
    $username = $_POST['username'];
    $password = $_POST['password'];

    // 连接数据库，判断用户名和密码是否正确
    $conn = mysqli_connect('localhost', 'root', 'password', 'my_db');
    if (!$conn) {
        die('连接数据库失败！');
    }

    $sql = "SELECT * FROM users WHERE username='$username' AND password='$password'";
    $result = mysqli_query($conn, $sql);

    if (mysqli_num_rows($result) == 1) {
        $_SESSION['username'] = $username;
        header('Location: changepassword.php');
    } else {
        echo '用户名或密码错误！';
    }

    mysqli_close($conn);
}
?>

In this file, we first enable the session, and then determine whether the username and password are passed. If so, we connect to the database and determine whether the username and password are correct. If correct, we save the username in the session and jump to the password change page changepassword.php. Otherwise, we prompt the user that the username or password is incorrect.

Next, we write the changepassword.php file to implement the function of changing the login password. The following is the code:

<?php
session_start();

if (!isset($_SESSION['username'])) {
    header('Location: login.php');
    exit();
}

if (isset($_POST['oldPassword']) && isset($_POST['newPassword'])) {
    $username = $_SESSION['username'];
    $oldPassword = $_POST['oldPassword'];
    $newPassword = $_POST['newPassword'];

    // 连接数据库，修改密码
    $conn = mysqli_connect('localhost', 'root', 'password', 'my_db');
    if (!$conn) {
        die('连接数据库失败！');
    }

    $sql = "UPDATE users SET password='$newPassword' WHERE username='$username' AND password='$oldPassword'";
    $result = mysqli_query($conn, $sql);

    if ($result) {
        echo '密码修改成功！';
    } else {
        echo '密码修改失败！';
    }

    mysqli_close($conn);
}
?>

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8">
        <title>修改密码页面</title>
    </head>
    <body>
        <h1>修改密码页面</h1>
        <form action="changepassword.php" method="post">
            <label for="oldPassword">旧密码：</label>
            <input type="password" id="oldPassword" name="oldPassword" required>
            <br>
            <label for="newPassword">新密码：</label>
            <input type="password" id="newPassword" name="newPassword" required>
            <br>
            <input type="submit" value="修改密码">
        </form>
    </body>
</html>

In this file, we first determine whether the user is logged in, and if not logged in, return to the login page. Then we determine whether the user has submitted a form to change the password. If so, we get the user name, old password and new password from the session, connect to the database, perform the password change operation, and finally prompt the user whether the operation is successful or failed.

The above is the login password modification code written in PHP. Through this code, users can modify their passwords after logging in, thereby improving the security of the account. Of course, in actual development, some security issues need to be considered, such as encrypting user passwords and restricting read and write permissions on the database.

The above is the detailed content of PHP login password modification code. For more information, please follow other related articles on the PHP Chinese website!