我的电子邮件验证码有啥问题?
Posted
技术标签:
【中文标题】我的电子邮件验证码有啥问题?【英文标题】:What's wrong with my email verification code?我的电子邮件验证码有什么问题? 【发布时间】:2013-07-31 03:00:41 【问题描述】:好的,今天,我编辑了这段代码,它应该是为了让用户可以更改他们的电子邮件地址。在他们更改电子邮件地址后,它将向用户发送一封确认电子邮件。但是,相反,我被重定向到内部错误 500 页面。 :\ 有什么帮助吗?我看不出代码有什么问题..
<?php
include("session.php");
//Create game account
$mysqli = new mysqli("localhost", "root", "password", "data");
if(mysqli_connect_errno())
echo("Sorry, the server is 'Under Maintainance'");
exit();
$newemail = $mysqli->real_escape_string($_POST['email']);
$newemail = strtolower($newemail);
$password = $mysqli->real_escape_string($_POST['password']);
$hash = sha1(strtolower($name) . $password);
if(!isset($name))
header("Location:index");
else if($password == null || $password == "" || (strlen($password)) < 4 || strpos($password, '<') !== false || strpos($password, '>') !== false)
header("Location:cemail?error=6");//Invalid password
else if($newemail == null || $newemail == "" || (strlen($newemail) <= 6 || strpos($newemail, '<') !== false || strpos($newemail, '>') !== false) || strpos($newemail, '@') == false || strpos($newemail, ".com") == false)
header("Location:cemail?error=7");//Invalid Email address
else if($email == $newemail)
header("Location:cemail?error=7");//Invalid Email address
else
$result = $mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name");
$row_cnt = $result->num_rows;
$result->free();
if($row_cnt != 0)
header("Location:cemail?error=3");//Email already taken
else
$result = $mysqli->query("SELECT * FROM characters WHERE originemail='$newemail' && name!='$name'");
$row_cnt = $result->num_rows;
$result->free();
if($row_cnt != 0)
header("Location:cemail?error=3");//Email already taken
else
$result = $mysqli->query("SELECT * FROM characters WHERE name='$name'");
/* fetch associative array */
while($row = $result->fetch_assoc())
$pass = $row['pass'];
$originemail = $row['originemail'];
/* free result set */
$result->free();
if($hash != $pass)
header("Location:cemail?error=6");//Invalid Password Match
else
$mysqli->query("UPDATE characters SET email='$newemail' WHERE name='$name'");
//Send Email to confirm
$to = $newemail . ", " . $originemail;
$subject = "Your email address has now been successfully changed!";
$body = "This is a notification regarding the recent change(s) made to your Legion Online account: " . $username . "
\n\n
Your email address has recently been modified through the Legion Online website. If you made this email address change, please disregard this notification. If you did not change your email address, please visit the account recovery page to ensure your account is secure.\n\nEmail addresses connected to this account: \n" . $originemail . "(primary)\n" . $newemail;
$headers = "From: AccountSupport@ArchStudios.net" . "\r\n";
if(mail($to, $subject, $body, $headers))
header("Location:accountsettings");
else
echo "Email request failed.";
$mysqli->close();
?>
【问题讨论】:
查看错误日志,看看错误是什么。 或者如果您找不到错误日志,请将ini_set('display_errors', 1);
临时添加到文件顶部(<?php
正下方)。请务必在之后将其删除。
请注意,您编辑的密码仍在编辑历史记录中。
您在使用$name
之前没有声明它 - $hash = sha1(strtolower($name) . $password);
我强烈建议您在任何使用它的地方更改密码。
【参考方案1】:
变量 $name 只有一个单引号:
$result=$mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name");
复制这个:
$result=$mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name'");
【讨论】:
【参考方案2】:不要忘记关闭单引号/双引号。
替换
$mysqli = new mysqli("localhost", "root", "password", "data);
$result = $mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name");
通过
$mysqli = new mysqli("localhost", "root", "password", "data");
$result = $mysqli->query("SELECT * FROM characters WHERE email='$newemail' && name!='$name'");
【讨论】:
感谢语法高亮 请注意,“数据”后面缺少的引号只是匿名代码时的错误,而不是他遇到的实际问题。以上是关于我的电子邮件验证码有啥问题?的主要内容,如果未能解决你的问题,请参考以下文章