PHP: variable 'passkey' is dropped on submit, stopping the UPDATE to the database

Problem description:

When a user selects their account activation link they are taken to a webpage with a welcome message, and a request for them to update their account details (set own password etc). Currently, the welcome request works fine, my code recognises the passkey (which is displayed in the URL code) and prints the user's name. However, my problem seems to come when the user selects the 'submit' button to update their details in the form. The variable of the passkey seems to drop, so that on submission the details aren't being stored to the database even though my PHP message tells me they are.

This is my code:

<?php
session_start();
include "includes/header.php";
include "includes/connect.php";
?>
<link rel="stylesheet" type="text/css" href="css/login.css">
<div class="jumbotron">
    <h1>New users</h1>
    <p>Register your details</p>
</div>
    <?php
     $_SESSION['passkey']=$passkey;
     $passkey=$_GET['passkey'];

    $sql1="SELECT FirstName FROM users WHERE confirm_code ='$passkey'";
    $result1=mysqli_query($conn, $sql1);
    $count = mysqli_num_rows($result1);
    $updateactive="1";


    if ($count==1){
    $activeQuery = mysqli_query($conn, "UPDATE users SET Activate='$updateactive' WHERE confirm_code='$passkey'"); 
    if ($activeQuery) {

            $row = mysqli_fetch_row($result1);
            echo "Welcome " .$row[0]. " please update your details:";

        } else die('Invalid query: ' . mysqli_error($conn)); // mysqli_error() needs the connection

    }else echo "Wrong Confirmation code";
    ?>

    <div class="container">
    <form class="form-activate" role="form" action="emailactivation.php" method="post">
        <h2 class="form-signin-heading">Register your details</h2>
        <p>*All fields are required</p>
        <input class="form-control" type="text" placeholder="Current password*" name="current_password" maxlength = "30" required autofocus>
        <input class="form-control" type="text" placeholder="New password*" name="new_password" maxlength = "30" required autofocus>
        <input class="form-control" type="text" placeholder="Confirm new password*" name="confirmnew_password" maxlength = "30" required autofocus>
        <select class="form-control" name="department_category">
            <option value="0">Department category*</option>
            <option value="1">Administrative services</option>
            <option value="3">Business Development</option>
            <option value="4">Health & Safety</option>
            <option value="5">Finance & Accounting</option>
            <option value="6">HR</option>
            <option value="7">IT</option>
            <option value="8">Legal</option>
            <option value="9">Research & Development</option>
            <option value="10">Sales</option>
            <option value="11">Science</option>
        </select>       
        <select class="form-control" name="role">
            <option value="0">Role*</option>
            <option value="1">Director</option>
            <option value="3">Manager</option>
            <option value="4">Graduate</option>
            <option value="5">Intern</option>
            <option value="6">Assistant</option>
            <option value="8">Head of department</option>
        </select>       
        <button class="btn btn-lg btn-primary btn-block" type="submit" name="submitdetails">Update details</button>  
    </form>
    </div>

    <?php
    if(isset($_POST['submitdetails'])){


    $rcpwd= trim($_POST['current_password']);
    $usrnewpwd= trim($_POST['new_password']);
    $usrconfirm_newpwd= trim($_POST['confirmnew_password']); // must match the form field name
    $usrdepartment=trim($_POST['department_category']);
    $usrrole=trim($_POST['role']);
        $updateactivationkey="2";
    $q2 = "SELECT * FROM users WHERE Password='$rcpwd' LIMIT 1;";
    $resultset2 = mysqli_query($conn,$q2);
    $rows2 = mysqli_num_rows($resultset2);

        if ($rows2==1){
            echo 'We will now update your details';
            //If all fields have data
        if (!empty($_POST)){

                        if($usrdepartment!=0){ 
                            if($usrrole!=0){
                echo"hello1";
                        //  $updateQuery = mysqli_query($conn,  "UPDATE users SET Password='$usrnewpwd', DepartmentID='$usrdepartment', RoleID='$usrrole' WHERE FirstName='$row[0]';"); 



        $updateQuery = mysqli_query($conn, "UPDATE users SET Activate='$updateactivationkey' WHERE confirm_code='$passkey';"); 

                            if ($updateQuery) {
                                echo 'Details have been added';



                            }else  die('Invalid query: ' .   mysqli_error($conn));
                        }

                        else echo 'warning 1';
                    }
                    else echo 'warning2';
            } 
            else echo 'warning3'; 
        }
    else echo'<div class="login-error">Please fill in all fields</div>';
    }

    ?>
    <?php
    require "footer.php";
    ?>

I'd appreciate any advice on this matter so that I can update the results according to the user. Thanks in advance.

Add a hidden field in the form as

<input type="hidden" name="passkey" value="<?php echo htmlspecialchars($passkey, ENT_QUOTES, 'UTF-8'); ?>">

So once you submit the form you can retrieve the data as

$passkey = $_POST["passkey"];
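
The hidden-field approach carried through to the UPDATE, as an added example that is not part of the original question or answer. It assumes `$conn` is the mysqli connection from includes/connect.php, the `users` columns named in the question, and a hexadecimal confirmation code; the function names are hypothetical.

```php
<?php
// Added example. Assumptions: users(Password, DepartmentID, RoleID, Activate,
// confirm_code) as in the question; confirm_code is a hex token (adjust the
// pattern to however the code is actually generated).

/** Read the passkey from the hidden field (POST) or the activation link (GET). */
function read_passkey(): ?string
{
    $raw = $_POST['passkey'] ?? $_GET['passkey'] ?? '';
    return (is_string($raw) && preg_match('/^[A-Fa-f0-9]{16,64}$/', $raw)) ? $raw : null;
}

/** Hidden field, HTML-escaped so the URL value cannot break out of the attribute. */
function passkey_field(string $passkey): string
{
    return '<input type="hidden" name="passkey" value="'
        . htmlspecialchars($passkey, ENT_QUOTES, 'UTF-8') . '">';
}

/** Update the account matching the passkey; true only if a row really changed. */
function update_details(mysqli $conn, string $passkey, string $newPwd, int $dept, int $role): bool
{
    // Store a hash, not the password itself; login must then use password_verify().
    $hash = password_hash($newPwd, PASSWORD_DEFAULT);

    // Placeholders keep the passkey and form values out of the SQL text.
    $stmt = $conn->prepare(
        'UPDATE users SET Password = ?, DepartmentID = ?, RoleID = ?, Activate = 2
         WHERE confirm_code = ?'
    );
    $stmt->bind_param('siis', $hash, $dept, $role, $passkey);
    $stmt->execute();

    // An UPDATE that matches no row still "succeeds", which is why the original
    // page printed a success message with nothing stored. Check the row count.
    return $stmt->affected_rows === 1;
}

// Usage inside the page ($conn comes from includes/connect.php):
// $passkey = read_passkey() ?? exit('Wrong Confirmation code');
// echo passkey_field($passkey);                       // inside the <form>
// if (isset($_POST['submitdetails'])) {
//     $ok = update_details($conn, $passkey, $_POST['new_password'],
//                          (int) $_POST['department_category'], (int) $_POST['role']);
//     echo $ok ? 'Details have been added' : 'No account was updated';
// }
```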