我的电子邮件验证码有啥问题?

Posted

技术标签:

【中文标题】我的电子邮件验证码有啥问题?【英文标题】:What's wrong with my email verification code?我的电子邮件验证码有什么问题? 【发布时间】:2013-07-31 03:00:41 【问题描述】:

好的,今天,我编辑了这段代码,它应该是为了让用户可以更改他们的电子邮件地址。在他们更改电子邮件地址后,它将向用户发送一封确认电子邮件。但是,相反,我被重定向到内部错误 500 页面。 :\ 有什么帮助吗?我看不出代码有什么问题..

<?php

include("session.php");
//Create game account
$mysqli = new mysqli("localhost", "root", "password", "data");

if(mysqli_connect_errno())
    echo("Sorry, the server is 'Under Maintainance'");
    exit();


$newemail = $mysqli->real_escape_string($_POST['email']);
$newemail = strtolower($newemail);
$password = $mysqli->real_escape_string($_POST['password']);
$hash     = sha1(strtolower($name) . $password);

if(!isset($name))
    header("Location:index");
else if($password == null || $password == "" || (strlen($password)) < 4 || strpos($password, '<') !== false || strpos($password, '>') !== false)
    header("Location:cemail?error=6");//Invalid password
else if($newemail == null || $newemail == "" || (strlen($newemail) <= 6 || strpos($newemail, '<') !== false || strpos($newemail, '>') !== false) || strpos($newemail, '@') == false || strpos($newemail, ".com") == false)
    header("Location:cemail?error=7");//Invalid Email address
else if($email == $newemail)
    header("Location:cemail?error=7");//Invalid Email address
else
    $result  = $mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name");
    $row_cnt = $result->num_rows;
    $result->free();

    if($row_cnt != 0)
        header("Location:cemail?error=3");//Email already taken
    else

        $result  = $mysqli->query("SELECT * FROM characters WHERE originemail='$newemail' && name!='$name'");
        $row_cnt = $result->num_rows;
        $result->free();

        if($row_cnt != 0)
            header("Location:cemail?error=3");//Email already taken
        else

            $result = $mysqli->query("SELECT * FROM characters WHERE name='$name'");

            /* fetch associative array */
            while($row = $result->fetch_assoc())
                $pass        = $row['pass'];
                $originemail = $row['originemail'];
            

            /* free result set */
            $result->free();

            if($hash != $pass)
                header("Location:cemail?error=6");//Invalid Password Match
            else
                $mysqli->query("UPDATE characters SET email='$newemail' WHERE name='$name'");

//Send Email to confirm 
                $to      = $newemail . ", " . $originemail;
                $subject = "Your email address has now been successfully changed!";
                $body    = "This is a notification regarding the recent change(s) made to your Legion Online account: " . $username . "
\n\n
Your email address has recently been modified through the Legion Online website. If you made this email address change, please disregard this notification. If you did not change your email address, please visit the account recovery page to ensure your account is secure.\n\nEmail addresses connected to this account: \n" . $originemail . "(primary)\n" . $newemail;
                $headers = "From: AccountSupport@ArchStudios.net" . "\r\n";
                if(mail($to, $subject, $body, $headers))
                    header("Location:accountsettings");
                else
                    echo "Email request failed.";
                
            
        
    

$mysqli->close();
?>

【问题讨论】:

查看错误日志,看看错误是什么。 或者如果您找不到错误日志,请将ini_set('display_errors', 1); 临时添加到文件顶部(&lt;?php 正下方)。请务必在之后将其删除。 请注意,您编辑的密码仍在编辑历史记录中。 您在使用$name 之前没有声明它 - $hash = sha1(strtolower($name) . $password); 我强烈建议您在任何使用它的地方更改密码。 【参考方案1】:

变量 $name 只有一个单引号:

$result=$mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name");

复制这个:

$result=$mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name'");

【讨论】:

【参考方案2】:

不要忘记关闭单引号/双引号。

替换

$mysqli = new mysqli("localhost", "root", "password", "data);
$result  = $mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name");

通过

$mysqli = new mysqli("localhost", "root", "password", "data");
$result  = $mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name'");

【讨论】:

感谢语法高亮 请注意,“数据”后面缺少的引号只是匿名代码时的错误,而不是他遇到的实际问题。

以上是关于我的电子邮件验证码有啥问题?的主要内容,如果未能解决你的问题,请参考以下文章

LinkedIn + 电子邮件的这个 Oauth 流程有啥问题?

SDL 物理键码和 SDL 虚拟键码有啥区别?

有啥方法可以将电子表格嵌入到 Android 应用程序中?

有啥方法可以在烧瓶邮件中命名附加的 pdf 文件?

这个 gmail smtp 代码有啥问题?

我的联系表单验证的小错误。电子邮件验证与我的其余代码纠缠不清