Mr-Chidi

Hi all,

I am going bald on this one.

I wonder what could be wrong. I could login to my local server but cant login in a live server!

 

thanks all

 

<?php



if(isset($_POST['login'])){



$tbl_name="reg_users";



// Define $myusername and $mypassword

$username=$_POST['username'];

$password=$_POST['password'];



// To protect MySQL injection

$username = stripslashes($username);

$password = stripslashes($password);

$username = mysql_real_escape_string($username);

$password = mysql_real_escape_string($password);



if($username == ''){

    echo  "<font color='red' size='-2'><b>Pls Enter User ID</b></font>";

}

if($password == ''){

    echo "<font color='red' size='-2'><b>Pls Enter Password</b></font>";

}else{

$crypt_pass = md5($password);



//check for existance of username and password

$sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$crypt_pass'";

$result=mysql_query($sql);



// Mysql_num_row is counting table row

$count=mysql_num_rows($result);



// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){

    

// Register username and password and redirect to login page"

$_SESSION['username'] = $username;

$_SESSION['password'] = $password;



header("location: ../folder/filename.php");

exit();

}

else {

//if no match found, echo out error message

echo "<font color='red' size='2'><b>Invalid User ID or Password</b></font><br>";

}    }

 }

ob_end_flush();

?>

Hi all,

Below is a code to reset forgoten password, but i do not know why i cannot login with the resetted password?

ps: echo $password is to get the echoed password so that i can login with it.

Thanks

<?php

if(isset($_POST['submit'])){
	
	
	
	$email = addslashes(htmlentities($_POST['email']));
	
	if($email == ''){
		echo "<font color='#990000'><b><center>Email field empty</center></b></font>";
	}
	elseif(!filter_var($email, FILTER_VALIDATE_EMAIL)){
		echo "<font color='#990000'><b><center>Invalid email address</center></b></font>";
	}else{
		$q = "SELECT * FROM reg_users WHERE email = '$email' AND username = '$_SESSION[uname]' AND Security_no = '$_SESSION[sec_no]'";
		$r = mysql_query($q);
		if(mysql_num_rows($r)== 1){

		// Generate a random password
		$password = "";
		$alpha = array_merge(range('a','z'), range('A','Z'), range(2,9));
		$rand_key = array_rand($alpha, 6);
		foreach ($rand_key as $curKey){
		$password .= $alpha[$curKey];
		echo $password;
}
		echo "<br><br>";
		$crypt_pass = md5($password);
				
		//update the user password
		$q = "UPDATE reg_users SET password = '$crypt_pass' WHERE email = '$email' AND Security_no = '$_SESSION[sec_no]'";
		$r = mysql_query ($q) or die('Cannot complete update');
		
		//send mail
		$to = "jamboree@yahoo.com"; //$_POST['email'];
		$from = "forgot@example.com";
		$subject = "New password";
		$msg = "You recently requested that we send you a new password for fredcom.com. Your new password is: $password.\n
				Please log in at this URL: http://localhost/login.html \n
				Then go to this address to change your password: http://localhost/changepass.php";
				
		$success = mail("$to","$subject","$msg","From: $from\r\nReply-To:webmaster@example.com");
		
		if($success){
			echo "Password have been sent to you email address";
		}
		
		}else{
			echo "<font color='#990000'><b>Sorry, no such record in our databsae</b></font>";
		}
	}

}

?>

Hi all.

pls what could be wrong with this code? its saying undefined variable "password".

ps, if there's a better way, pls I won't mind knowing it.

thanks

hi.
I know next to nothing about Javascript but I want something done and I believe its Javascript that can do it for me. I want to integrate/add an uploading metre to my PHP code, so that when a user is transferring or uploading a file, it shows/pop out the metre to indicate the percentage done.

thanks

Hi all.

My code runs fine but one problem: i want the "user is invalid" to validate last. i don't know why when i lleave the security code empty and click submit, it brings out two validation error (1) security number missing (2) invalid user, but the idea is for the invalid user to be validated last. what could be the problem. (hope i am getting my question right.

secondly, i believe my coding needs prunning (not the right way) i wouldnt mind a correction on how to do it rightly.

thanks

code below

<?php

if(isset($_POST['submit'])){
    
    //post variables
    $sec_no = mysql_real_escape_string(stripslashes($_POST['sec_no']));
    $uname = mysql_real_escape_string(stripslashes($_POST['uname']));
    
    //validate entry
    if($sec_no == ''){
        //$er1 = "<font color=red><b>Security Number Missing</b></font><br>";
        echo "<font color=red><b>Security Number Missing</b></font><br>";
    }
    if($uname == ''){
        //$er2 = "<font color='red'><b>Username Missing</b></font>";
        echo "<font color='red'><b>Username Missing</b></font>";
        
    }else{
    
    // check for valid user
    $q = "SELECT * FROM reg_users WHERE username = '$uname' AND Security_no = '$sec_no'";
    $r = mysql_query($q);
    
    if(mysql_num_rows($r)==1){
    
        $row = mysql_fetch_array($r);
        
        if($row){
            
            $p = substr ( md5(uniqid(rand(),1)), 3, 10);

            
            $q = "UPDATE reg_users SET password = '".md5('$p')."' WHERE username = '$uname' AND Security_no = '$sec_no'";
            $r = mysql_query($q);
            
            if($r){
                echo "<font color='blue'><b>password changed</b></font>";
            }else{
                echo "<font color='red'><b>password not changed this time</b></font>";
            }
        }
        
    }    else{
        echo "<font color='red'><b>user is invalid</b></font>";
    }
    }
    }
?>