Показать ошибку PHP при отправке

Question

Я пытаюсь вывести сообщение об ошибке, когда пользователь вводит текущий пароль, и это правильно, но ничего больше не вводит. Так, например, Пользователь хочет изменить свой пароль, вводит текущий и правильно его подает. Он должен отображать сообщение об ошибке «Пожалуйста, введите все поля!». Сейчас это просто ничего, и я действительно застрял :(

Любая помощь будет большим

IMAGE 1: http://gyazo.com/e58f10783bf14c79de487f4eeb05f7e8

IMAGE 2: http://gyazo.com/ea789cc87166cea88453d6c1c59733b6

(здесь следует сказать, пожалуйста, заполнить все поля)

Мой код:

<title>Hondac</title> 
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> 
<link href='http://fonts.googleapis.com/css?family=Julius+Sans+One' rel='stylesheet' type='text/css'> 
<link href="../css/style.css" rel="stylesheet" type="text/css" media="all" /> 



<?php 
session_start(); 



$username = $_SESSION['sess_user']; 

    echo '<div class="search1"><h2>'.$username.'</h2><div class="search12"><h2><a href="index.php">Home</a></h2></p></div></div>'; 


    if (isset($_SESSION['sess_user'])) 
    { 
     //user is logged in 

     if (isset($_POST['submit'])) 
     { 
      //start changing password 
      //check fields 

      $oldpassword = md5($_POST['oldpassword']); 
      $newpassword = md5($_POST['newpassword']); 


      $repeatnewpassword = md5($_POST['repeatnewpassword']); 


      //check password against db 
      include('../includes/config.php'); 

      $queryget = mysql_query("SELECT password FROM login WHERE username='$username'") or die ("change password failed"); 
      $row = mysql_fetch_assoc($queryget); 
      $oldpassworddb = $row['password']; 

      //check passwords 
      if ($oldpassword==$oldpassworddb && !empty($_POST['oldpassword'])) 



      { 



       if (isset($_POST['repeatnewpassword']) AND isset($_POST['newpassword']) AND $_POST['newpassword'] != '') { 
        if ($newpassword==$repeatnewpassword) 
        { 
         $querychange = mysql_query("UPDATE login SET password='$newpassword' WHERE username='$username'"); 
         echo "<div class='successmate'><br><br><br><br><hr>Password has been changed!</hr></div><div class='successmate'><br><hr><br><h2><p><a href='index.php'><br><br></a></p></h2></div>"; 
        } 
        else {echo "<div class='results'>new password(s) dont match</div><div class='successmate'><br><br><h2><p><a href='changepassword.php'>try again?</a></p></h2></div>";} 

       } 




      } 
      else {echo "<div class='results'>current password doesnt match</div><div class='successmate'><h2><p><a href='changepassword.php'><br><br>Try again?</a></p></h2></div>";} 





      if (isset($_POST['email']) AND $_POST['email'] != '') { 
       $querychange = mysql_query("UPDATE login SET email='$email' WHERE username='$username'"); 
       echo "<div class='successmate'><br><br><br><br><hr>Your email has been changed</hr></div><div class='successmate'><br><hr><br><h2><p><a href='index.php'><br><br></a></p></h2></div>"; 
      }} 


     else 
     { 

      echo" 
     <form class='search1' action='changepassword.php' method='POST'> 
     <label>Current Password:*</label> <input type='password' id='password' name='oldpassword' required><p> 
     <label>New Password:*</label> <input type='password' id='password' name='newpassword'><p> 
     <label>Repeat New Password:*</label> <input type='password' name='repeatnewpassword'><p> 
     <input type='submit' name='submit' class='submit' value='submit'><br><br><br> 
     </form> 
     "; 


     }} 
    else 
     die ("You must be logged in to change your password"); 


    ?> 

<img src="../images/main.jpg"> 

Answer 1

Проверьте, чтобы увидеть, если поля пусты:

if(empty($newpassword) || empty($repeatnewpassword)){ 
    echo 'All fields required.'; 
}else{ 
    //continue with code 
} 

Answer 2

Я сделал класс VALIDATE пользователя, чтобы проверить пустой и соответствия новым и новым подтвердили. Я не полностью читал ваш код (я слишком много думал), но теперь я думаю, что это может работать немного лучше. Я не могу проверить ваш sql-материал, но все остальное должно работать очень хорошо.

<?php session_start(); 

    error_reporting(E_ALL); 

    class UserValidate 
     { 
      protected $config; 
      public $errorCode; 

      // This sets the default directory for your config file 
      public function __construct($config = '../includes/config.php') 
       { 
        $this->config = $config; 
       } 

      // This gathers errors 
      public function errors($value = '',$code = 'general') 
       { 
        $this->errorCode[$code] = $value; 
       } 

      // This checks if your new passwords are 1) empty 2) match 
      public function CheckEqualNew($newpass1 = '',$newpass2 = '') 
       { 
        // If new password is empty 
        $valid[] = (!empty($newpass1))? 0:1; 
        // If new password confirm is empty 
        $valid[] = (!empty($newpass2))? 0:1; 

        // If all is good 
        if(array_sum($valid) == 0) { 
          // Check that the new and new confirmed equal each other 
          if(md5($newpass1) == md5($newpass2)) 
           $_isValid = 1; 
          else { 
            $_isValid = 0; 
            $this->errors('New Passwords Must Match','match'); 
           } 
         } 
        // one of the new passwords are empty 
        else 
         // assign an error 
         $this->errors('Cannot have empty passwords','match'); 

        // Return the validity 
        return (!isset($_isValid) || $_isValid == 0)? false:true; 
       } 

      // This will check your database to see if username and password match 
      public function Validate($username = '',$password = '') 
       { 
        if(!empty($username) && !empty($password)) { 
          include($this->config); 
          $username  = mysql_real_escape_string($username); 
          $password  = md5($password); 
          $sql   = "SELECT password FROM login WHERE username='$username' and password = '$password'"; 
          $query   = mysql_query($sql) or die ("change password failed"); 
          $row   = mysql_fetch_assoc($query); 
         } 
        else 
         $this->errors('Username/Password Can Not Be Empty','err'); 

        return ((isset($row['password']) && !empty($row['password'])) || !isset($row))? true:false; 
       } 

      // This will update the password 
      public function UpdatePassword($info = array()) 
       { 
        if(!empty($info)) { 
          include($this->config); 
          $username = md5($info['username']); 
          $password = md5($info['password']); 
          $sql  = "UPDATE login SET password='$password' WHERE username='$username'"; 
          mysql_query($sql); 
         } 
        else 
         $this->errors('Values can not be empty.','update'); 
       } 

      // This will update the email address for the account 
      public function UpdateEmail($info = array()) 
       { 
        include($this->config); 
        $email  = $info['email']; 
        $username = $info['username']; 
        $sql  = "UPDATE login SET email='$email' WHERE username='$username'"; 
        mysql_query($sql); 
       } 

      // This will display your errors and success 
      public function Display($err = '',$result = 'success') 
       { ?> 
       <div class='successmate' style="margin-bottom: 20px;"> 
        <h2><?php echo $err; ?></h2> 
       </div> 
       <div class='successmate' style="margin-bottom: 20px;"> 
        <hr> 
        <h2><a href='<?php echo ($result == 'success')? "index.php":"changepassword.php"; ?>'><?php echo ($result == 'success')? "Thank You!":"Try again?"; ?></a></h2> 
       </div> 

        <?php 
       } 
     } ?> 
<title>Hondac</title> 
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> 
<link href='http://fonts.googleapis.com/css?family=Julius+Sans+One' rel='stylesheet' type='text/css'> 
<link href="../css/style.css" rel="stylesheet" type="text/css" media="all" /> 
<?php 
    $_SESSION['sess_user']  = 'me'; 

    // Assign username from session 
    if(isset($_SESSION['sess_user'])) 
     $username = $_SESSION['sess_user']; ?> 

    <div class="search1"> 
     <h2><?php echo $username; ?></h2> 
     <div class="search12"> 
      <h2><a href="index.php">Home</a></h2></p> 
     </div> 
    </div> 
    <?php 
    // If the session is set, continue 
    if (isset($_SESSION['sess_user'])) { 

      // Create instance of your user app 
      $vEngine = new UserValidate(); 

      // If user submits change, validate 
      if(isset($_POST['submit'])) { 
        // This only checks the validity of your new passwords 
        // If empty or equal 
        $valiate_new  = $vEngine->CheckEqualNew($_POST['newpassword'],$_POST['repeatnewpassword']); 

        if($valiate_new == true) 
         // This will check db if old password is valid 
         $valiate_old  = $vEngine->Validate($username,$_POST['oldpassword']); 
       } 

      // If you want to see raw errors uncomment 
     // print_r($vEngine->errorCode); 

      // If both new and old passwords are set 
      // I would block here if one of these comes back as false 
      // but that is up to you 
      if(isset($valiate_new) && isset($valiate_old)) { 
        // Valid Old 
        if ($valiate_old == true) { 
          // Valid new 
          if ($valiate_new == true) { 
            // Successful update 
            $vEngine->UpdatePassword(array("username"=>$username, "password"=>$_POST['newpassword'])); 
            // Display success message 
            $vEngine->Display("You have successfully changed your password."); 
           } 
          else 
           // Display failure message -> a match error 
           $vEngine->Display($vEngine->errorCode['match'],'err'); 
         } 
        else 
         // Display failure message -> a match error 
         $vEngine->Display($vEngine->errorCode['match'],'err'); 

        // filter_var for email validation 
        if (isset($_POST['email']) && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) { 
          // Update 
          $vEngine->UpdateEmail(array("email"=>$_POST['email'],"username"=>$username)); 
          // Display success message 
          $vEngine->Display("You have successfully changed your email."); 
         } 
       } 
      else { ?> 

      <form class='search1' action='changepassword.php' method='POST'> 
       <label>Current Password:*</label> <input type='password' id='password' name='oldpassword' required><p> 
       <?php if(isset($vEngine->errorCode['invalid'])) echo $vEngine->errorCode['invalid']; ?> 
       <label>New Password:*</label> <input type='password' id='password' name='newpassword'><p> 
       <label>Repeat New Password:*</label> <input type='password' name='repeatnewpassword'><p> 
       <?php if(isset($vEngine->errorCode['match'])) echo $vEngine->errorCode['match']; ?> 
       <input type='submit' name='submit' class='submit' value='submit'><br><br><br> 
      </form> 
      <?php 
       } 
     } 
    else 
     die ("You must be logged in to change your password"); ?> 

<img src="../images/main.jpg"> 

Answer 3

Убедитесь, что вы начали сеанс перед любым выходом HTML. Вам нужно выяснить, содержат ли поля пароля какие-либо данные или нет, только тогда вы их обработаете. Вам также необходимо убедиться, что ваши запросы завершаются, как ожидалось, если не вывести ошибку. Я добавил некоторые сообщения об ошибках и, надеюсь, это сработает для вас.

<?php 
session_start(); 
?> 
<title>Hondac</title> 
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> 
<link href='http://fonts.googleapis.com/css?family=Julius+Sans+One' rel='stylesheet' type='text/css'> 
<link href="../css/style.css" rel="stylesheet" type="text/css" media="all" /> 
<?php 
if (isset($_SESSION['sess_user'])) { 
    $username = $_SESSION['sess_user']; 
    echo '<div class="search1"><h2>'.$username.'</h2><div class="search12"><h2><a href="index.php">Home</a></h2></p></div></div>'; 
} else { 
    echo "session not started!"; 
} 

if (isset($_SESSION['sess_user'])) { 
     //user is logged in 

     if (isset($_POST['submit'])) { 
      //start changing password 
      //check fields 

      if (!empty($_POST['oldpassword'])) { 
      $oldpassword = md5($_POST['oldpassword']); 
      } else { 
       echo "Please enter your current password."; 
       exit; 
      } 
      if (!empty($_POST['newpassword'])) { 
      $newpassword = md5($_POST['newpassword']); 
      } else { 
       echo "Please enter a new password."; 
       exit; 
      } 
      if (!empty($_POST['oldpassword'] && $_POST['newpassword'] && $_POST['repeatnewpassword'])) { 
      $repeatnewpassword = md5($_POST['repeatnewpassword']); 
      } else { 
       echo "Please confirm new password."; 
       exit; 
      } 

      //check password against db 
      include('../includes/config.php'); 

      $queryget = mysql_query("SELECT `password` FROM `login` WHERE `username`='$username'"); 
      if (!$queryget) { 
       die('Query failed: ' . mysql_error()); 
      } 
      $numrows = mysql_num_rows($queryget); 
      if ($numrows != 1) { 
       echo "<div class='results'>Password change failed.</div><div class='successmate'><br><br><h2><p><a href='changepassword.php'>try again?</a></p></h2></div>"; 
      } else { 
       $row = mysql_fetch_assoc($queryget); 
       $oldpassworddb = $row['password']; 
      } 

      //check passwords 
      if ($oldpassword==$oldpassworddb) { 

       if ($newpassword==$repeatnewpassword) { 
        $querychange = mysql_query("UPDATE `login` SET `password`='$newpassword' WHERE `username`='$username'"); 
        if (!$querychange) { 
         die('Query failed: ' . mysql_error()); 
        } 
        echo "<div class='successmate'><br><br><br><br><hr>Password has been changed!</hr></div><div class='successmate'><br><hr><br><h2><p><a href='index.php'><br><br></a></p></h2></div>"; 
       } else { 
        echo "<div class='results'>new password(s) don't match</div><div class='successmate'><br><br><h2><p><a href='changepassword.php'>try again?</a></p></h2></div>"; 
       } 

      } else { 
       echo "<div class='results'>Current password doesn't match</div><div class='successmate'><h2><p><a href='changepassword.php'><br><br>Try again?</a></p></h2></div>"; 
      } 

      if (isset($_POST['email']) && $_POST['email'] != '') { 
       $querychange = mysql_query("UPDATE `login` SET `email`='$email' WHERE `username`='$username'"); 
       if (!$querychange) { 
        die('Query failed: ' . mysql_error()); 
       } 
       echo "<div class='successmate'><br><br><br><br><hr>Your email has been changed</hr></div><div class='successmate'><br><hr><br><h2><p><a href='index.php'><br><br></a></p></h2></div>"; 
      } 

     } else { 

      echo" 
      <form class='search1' action='changepassword.php' method='POST'> 
      <label>Current Password:*</label> <input type='password' id='password' name='oldpassword' required><p> 
      <label>New Password:*</label> <input type='password' id='password' name='newpassword'><p> 
      <label>Repeat New Password:*</label> <input type='password' name='repeatnewpassword'><p> 
      <input type='submit' name='submit' class='submit' value='submit'><br><br><br> 
      </form> 
      "; 

     } 

} else { 
    echo "You must be logged in to change your password"; 
    exit; 
} 

?>