PHP password change system, the password is still changed after entering the wrong password-PHP Chinese Network Q&A

<?php 
  session_start (); 
  $username = $_REQUEST ["username"]; 
  $oldpassword = $_REQUEST ["oldpassword"]; 
  $newpassword = $_REQUEST ["newpassword"]; 
  $con = mysql_connect ( "localhost", "root", "root" ); 
  if (! $con) { 
    die ( '数据库连接失败' . $mysql_error () ); 
  } 
  mysql_select_db("mtdb",$con);
  $dbusername = null; 
  $dbpassword = null; 
  $result = mysql_query ( "select * from t_account where username ='{$username}'" ); 
  while ( $row = mysql_fetch_array ( $result ) ) { 
    $dbusername = $row ["username"]; 
    $dbpassword = $row ["password"]; 
  } 
  if (is_null ( $dbusername )) { 
    ?> 
  <script type="text/javascript"> 
    alert("用户名不存在"); 
    window.location.href="changepasswd.html"; 
  </script>  
  <?php 
  } 
  if ($oldpassword!=$dbpassword) { 
    ?> 
  <script type="text/javascript"> 
    alert("密码错误"); 
window.location.href="changepasswd.html"; 
  </script> 
  <?php 
  } 
  mysql_query ( "update t_account set password='{$newpassword}' where username='{$username}'" ) or die ( "存入数据库失败" . mysql_error () );//如果上述用户名密码判定不错，则update进数据库中 
  mysql_close ( $con ); 
  ?> 
  <script type="text/javascript"> 
    alert("密码修改成功"); 
    window.location.href="changepasswd.html"; 
  </script>

The code is written according to http://blog.csdn.net/qazcxh/article/details/45726911. The problem now is that after entering the wrong password, it will prompt that the password is incorrect, but the database will be updated with the new one. Password, please tell me how to change it

reply all(3)

段旭涛2018-03-07 11:04:41 3 floor

After displaying the content, the php program will continue to execute until it encounters termination such as die(), exit() or until the execution is completed.
So there are two ways to deal with your problem

1. Add die after judgment
2. Put the code after judgment into else

Like +0

Add Reply

reply Yes, it was solved after adding die after judgment. When I first started learning PHP, I felt a little overwhelmed after a few more IFs. Why is the CSDN article so imprecise? I put it up without actually testing it. I was also drunk. Fortunately, it didn't cause too much damage. .

**哥是标准身材。 author 2018-03-07 11:08:36

黄天敏2018-03-06 16:39:58 2 floor

if ($oldpassword!=$dbpassword) {

alert("Password Error");

window.location.href="changepasswd.html";

</script>

<?php

mysql_query ( "update t_account set password='{$newpassword}' where username='{$username}'" ) or die ( "Failed to save to database" . mysql_error () );//If the above username and password are judged well, then update into the database

}

mysql_close ($con);

这样你吧更新语句放外面，无论什么密码都会更新啊= = 还有 mysql不要用了尽量使用mysqli吧

reply I put it in as you said, and it still looks like this - -

**哥是标准身材。 author 2018-03-06 17:52:43

reply Thank you, it has been solved according to the method of the master on the first floor~!

**哥是标准身材。 author 2018-03-06 18:18:16

炎2018-03-06 16:33:46 1 floor

The simplest method is

In the password judgment, after judging that the password is incorrect, add die; to terminate the program

reply Thanks, it’s been taken care of~!

**哥是标准身材。 author 2018-03-06 18:18:04

reply You are welcome

炎 author 2018-03-07 09:10:20