Jump to content

bigahega

New Members
 View Profile  See their activity

  • Posts

    1

  • Joined

  • Last visited

    Never

Profile Information

  • Gender
    Not Telling

bigahega's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. bigahega
    I wrote a script for changing password but something was wrong i couldnt find any mistakes :-\ Can you say me the mistakes i really need this :s My pass_change.html(only form part): <FORM ACTION="test.php" METHOD="POST"> <table width="100%" border="0" cellpadding="2" cellspacing="0" class="style3"> <tr> <th colspan="2"><div align="center"><span class="pageName">Change Password</span></div></th> </tr> <tr> <td width="50%"><div align="right">ID : </div></td> <td width="50%"><input type="TEXT" name="ID" /></td> </tr> <tr> <td><div align="right">Secret Question : </div></td> <td><input type="TEXT" name="hint" /></td> </tr> <tr> <td><div align="right">Answer : </div></td> <td><input type="PASSWORD" name="hint_answr" /></td> </tr> <tr> <td><div align="right">New Password : </div></td> <td><input type="PASSWORD" name="new_pass" /></td> </tr> <tr> <td><div align="right">New Password (verify) : </div></td> <td><input type="PASSWORD" name="new_pass_verify" /></td> </tr> <tr> <td> </td> <td><input name="SUBMIT" type="SUBMIT" value="Change" /> <input name="RESET" type="RESET" value="Reset" /></td> </tr> </table> </FORM> and this is the PHP script(test.php): <? include("settings.php"); $connect = odbc_connect("$dbname", "$dbuser", "$dbpass"); $query="SELECT * FROM TB_USER where strAccountID = '".$id."'"; $result=odbc_exec($connect,$query); $row=odbc_fetch_array($result); $hint = $_POST['hint']; $answer = $_POST['hint_answr']; $id = $_POST['ID']; $hint_question = $row[secret]; $hint_answr = $row[answer]; if(empty($_GET['pg'])){ } elseif($_GET['pg'] == 'change'){ if(($_POST["new_pass"]==$_POST["new_pass_veify"]) && ($hint==$hint_question) && ($answer==$hint_answr)){ $pass_chng_job="SELECT COUNT(strACcountID) FROM TB_USER WHERE strAccountID = '".$id."'"; $pss_chng = odbc_exec($connect, $pass_chng_job); odbc_fetch_row($pss_chng); if (odbc_result($pss_chng,1) > 0) { $psschange = "UPDATE TB_USER SET strPasswd = '".$_POST['new_pass']."' WHERE strAccountID = '".$id."'"; $resultr=odbc_exec($connect,$psschange) or die($lang[27]); $pass = "<center> Changing Password Succesfull! </center>"; } else { $pass = "<center> Wrong Password ! <a href='pass_change.html'>Change</a> </center>"; } } else {$pass = "<center> Please Try Again ! <a href='pass_change.html'>...</a> </center>";} echo $pass; } ?> Thnx for your replies... :'(
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.