为什么 sql 查询更新密码而不是 运行 在网页的 php 脚本中?

Why the sql query to update password in not running in a php script of a webpage?

我正在创建一个网站,其中有两个数据库 table 的客户和自由职业者。现在我必须整合所有东西,比如个人资料凭证、密码、图像等。

最初,应用程序有两个不同的文件(在两个不同的文件夹中)。密码和其他个人资料凭证的更改,例如自由职业者和客户的姓名、用户名和电子邮件。 因此,为了将所有内容集成到单个文件中,我在客户端执行自由职业者 table 的所有 sql 查询。所有配置文件凭据都已成功更新,但密码未更新。我不明白为什么?

这是 Client/profile.php 文件

$client = new Client();
$freelancer = new Freelancer();

//Check if Client is logged in
if (!$client->isLoggedIn() && !$freelancer->isLoggedIn()) { 
    Redirect::to('../index.php');
}

//Get Instructor's Data
$query = DB::getInstance()->get("client", "*", ["clientid" => $client->data()->clientid]);
if ($query->count()) {
    foreach ($query->results() as $row) {
        $nid = $row->id;
        $name = $row->name; 
        $username = $row->username;
        $email = $row->email;
        $bgimage = $row->bgimage;
        $phone = $row->phone;
    }
}

//Edit Profile Data
if (isset($_POST['profile'])) {
    if (Input::exists()) {
        if (Token::check(Input::get('token'))) {

            $errorHandler = new ErrorHandler;

            $validator = new Validator($errorHandler);

            $validation = $validator->check($_POST, [
                'username' => [
                    'required' => true,
                    'maxlength' => 20,
                    'minlength' => 2
                ],
                'name' => [
                    'required' => true,
                    'maxlength' => 100,
                    'minlength' => 2
                ],
                'email' => [
                    'required' => true,
                    'maxlength' => 255,
                    'email' => true,
                ],
                'phone' => [
                    'required' => false,
                    'maxlength' => 10,
                    'minlength' => 10
                ]
            ]);

            if (!$validation->fails()) {


                $client->update([
                    'name' => Input::get('name'),
                    'username' => Input::get('username'),
                    'email' => Input::get('email'),
                    'phone' => Input::get('phone')
                ], [
                    'clientid' => $client->data()->clientid
                ]);

                if (count($client) > 0) {
                    $noError = true;
                } 
                else {
                    $hasError = true;
                }

                $freelancer->update([
                    'name' => Input::get('name'),
                    'username' => Input::get('username'),
                    'email' => Input::get('email'),
                    'phone' => Input::get('phone')
                ], [
                    'freelancerid' => $freelancer->data()->freelancerid
                ]);

                if (count($freelancer) > 0) {
                    $noError = true;
                } else {
                    $hasError = true;
                }
            } 
            else {
                $error = '';
                foreach ($validation->errors()->all() as $err) {
                    $str = implode(" ", $err);
                    $error .= '
               <div class="alert alert-danger fade in">
                <a href="#" class="close" data-dismiss="alert">&times;</a>
                <strong>Error!</strong> ' . $str . '
               </div>
               ';
                }
            }
        }
    }
}

/*Edit Password Data*/
if (isset($_POST['register'])) {
    if (Input::exists()) {
        if (Token::check(Input::get('token'))) {

            $errorHandler = new ErrorHandler;

            $validator = new Validator($errorHandler);

            $validation = $validator->check($_POST, [
                'password_current' => [
                    'required' => true,
                    'maxlength' => 300
                ],
                'password_new' => [
                    'required' => true,
                    'minlength' => 6
                ],
                'password_new_again' => [
                    'required' => true,
                    'match' => 'password_new'
                ]
            ]);

            if (!$validation->fails()) { //working fine

                if ( (Hash::make(Input::get('password_current'), $client->data()->salt) !== $client->data()->password) && (Hash::make(Input::get('password_current'), $freelancer->data()->salt) !== $freelancer->data()->password) ){
                    $hasError = true; 
                } 
                else {
                    $salt = Hash::salt(32);
                    
                    $changed_password = Hash::make(Input::get('password_new'), $salt);
                    
                     $client->update([
                        'password' => $changed_password, 
                        'salt' => $salt
                     ], [
                        'clientid' => $client->data()->clientid
                     ]);
                    $noError = true;
                }

                if (!$validation->fails()) { //not working
    
                    if (Hash::make(Input::get('password_current'), $freelancer->data()->salt) !== $freelancer->data()->password) {
                        $hasError = true;
                    } 
                    else {
                          $salt = Hash::salt(32);
                          $freelancer->update([
                            'password' => Hash::make(Input::get('password_new'), $salt),
                            'salt' => $salt
                              ],[
                            'freelancerid' => $freelancer->data()->freelancerid
                              ]);
                          $noError = true;
                }
            }
            
            else {
                $error = '';
                foreach ($validation->errors()->all() as $err) {
                    $str = implode(" ", $err);
                    $error .= '
               <div class="alert alert-danger fade in">
                <a href="#" class="close" data-dismiss="alert">&times;</a>
                <strong>Error!</strong> ' . $str . '
               </div>
               ';
                }
            }
        }
    }
}

这是Freelancer/profile.php更改密码的文件代码

if(isset($_POST['register'])){
    if (Input::exists()) {
        if (Token::check(Input::get('token'))) {
 
            $errorHandler = new ErrorHandler;
    
            $validator = new Validator($errorHandler);
    
            $validation = $validator->check($_POST, [
                'password_current' => [
                'required' => true,
                'maxlength' => 300
                ],
                'password_new' => [
                'required' => true,
                'minlength' => 6
                ],
                'password_new_again' => [
                'required' => true,
                'match' => 'password_new'
                ]
            ]);
         
            if (!$validation->fails()) {
    
                if (Hash::make(Input::get('password_current'), $freelancer->data()->salt) !== $freelancer->data()->password) {
                    $hasError = true;
                } 
                else {
                    $salt = Hash::salt(32);
                    $freelancer->update([
                        'password' => Hash::make(Input::get('password_new'), $salt),
                        'salt' => $salt
                        ],[
                        'freelancerid' => $freelancer->data()->freelancerid
                        ]);
                    $noError = true;
                }
      
            } 
            else {
                $error = '';
                foreach ($validation->errors()->all() as $err) {
                    $str = implode(" ",$err);
                    $error .= '
                        <div class="alert alert-danger fade in">
                        <a href="#" class="close" data-dismiss="alert">&times;</a>
                        <strong>Error!</strong> '.$str.'
                        </div>
                    ';
            }
        }   
        }
}
}

我的问题是,如果更改用户名、电子邮件和 phone 号码的查询工作正常,为什么 freelancer 的密码更改不起作用?

散列函数算法可以为同一个输入字符串提供两个加密字符串,因此当我为客户和自由职业者调用该函数两次时,两个不同的字符串存储在数据库中。