<?php
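// Change-password handler: on POST, checks the submitted old password for the
// account named in the token and, if it matches, stores the new password.
// The response is a small <script> that shows an alert and returns the browser
// to change-password.php with the same token.
if ($_SERVER["REQUEST_METHOD"] === "POST") {

    require_once "database.php"; // expected to provide the mysqli connection $link

    // Every request value is attacker-controlled. Accept plain strings only:
    // a missing parameter or an array (e.g. token[]=x) is treated as invalid.
    // NOTE(review): $_REQUEST also picks these values up from the query string
    // and cookies; reading $_POST would keep passwords out of URLs and logs.
    $token   = (isset($_REQUEST["token"]) && is_string($_REQUEST["token"])) ? $_REQUEST["token"] : null;
    $old_pwd = (isset($_REQUEST['old_pwd']) && is_string($_REQUEST['old_pwd'])) ? $_REQUEST['old_pwd'] : null;
    $new_pwd = (isset($_REQUEST['new_pwd']) && is_string($_REQUEST['new_pwd'])) ? $_REQUEST['new_pwd'] : null;

    $valid_request = ($token !== null) && ($old_pwd !== null) && ($new_pwd !== null);
    if ($token === null) {
        $token = "";
    }

    // The token is dot-separated; the first field is used as the account id
    // (the remaining fields were named enc_user_name and login_dt and are not
    // used on this page).
    // NOTE(review): nothing visible here verifies the token (signature, expiry,
    // binding to a session), so the account id is caller-chosen. The old-password
    // match below is the only gate on the update - confirm whether the token is
    // validated elsewhere, and consider attempt limiting on this endpoint.
    $token_parts = explode(".", $token);
    $user_id = $token_parts[0];

    // Redirect target, encoded for the two contexts it passes through:
    // rawurlencode() for the query string, then json_encode() with the HEX flags
    // so the value is a safe JavaScript string literal that cannot close the
    // surrounding <script> element or break out of its quotes.
    $redirect_js = json_encode(
        "change-password.php?token=" . rawurlencode($token),
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
    );

    $real_user_id = "";   // stays empty unless account id + old password match a row
    $db_failed = false;   // set when a statement could not be prepared or executed
    $updated = false;

    // NOTE(review): both queries compare and store the password exactly as
    // submitted, i.e. the pwd column holds unhashed passwords. Moving to
    // password_hash()/password_verify() needs a coordinated change with the
    // login code and existing rows, so it is flagged here rather than changed.
    if ($valid_request) {
        // Bound parameters keep the request values out of the SQL text.
        $stmt = mysqli_prepare($link, "SELECT accountid FROM account WHERE accountid = ? AND pwd = ?");
        if ($stmt !== false) {
            mysqli_stmt_bind_param($stmt, "ss", $user_id, $old_pwd);
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_bind_result($stmt, $found_id);
                while (mysqli_stmt_fetch($stmt)) {
                    $real_user_id = (string) $found_id;
                }
            } else {
                $db_failed = true;
            }
            mysqli_stmt_close($stmt);
        } else {
            $db_failed = true;
        }
    }

    // Only update when the account id and old password were both correct.
    if (strlen($real_user_id) > 0) {
        // NOTE(review): no password policy is enforced; an empty new password is accepted.
        $stmt = mysqli_prepare($link, "UPDATE account SET pwd = ? WHERE accountid = ? AND pwd = ?");
        if ($stmt !== false) {
            mysqli_stmt_bind_param($stmt, "sss", $new_pwd, $user_id, $old_pwd);
            $updated = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
        if (!$updated) {
            $db_failed = true;
        }
    }

    // Report success only when the UPDATE actually ran.
    if ($updated) {
        $alert_text = '修改成功!';
    } elseif ($db_failed) {
        $alert_text = '修改失敗,請稍後再試!';
    } else {
        $alert_text = '帳號密碼錯誤!';
    }

    // $alert_text is one of the fixed literals above; $redirect_js is already a
    // quoted, escaped JavaScript string.
    $result_message = "
<script>
alert('" . $alert_text . "');
location.href=" . $redirect_js . ";
</script>
";

    echo $result_message;
}

// database.php is only loaded for POST requests, so the connection may not exist.
if (isset($link) && $link instanceof mysqli) {
    mysqli_close($link);
}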
?>
<script>
</script>