No luck after adding the error code, no errors display and it still just redirects me to error page at bottom and does not update database. I know it is connecting to the database ok because the first to conditions come back with the echos if not met correctly.
Below is the complete script code minus personal info. You will notice that I changed the sha1 mysql code slightly to see if that made a difference, but no go.
Other help is appreciated.
Thanks!
kaiman
// connects to server and selects database.
include ("dbconnect.inc.php");
// table name
$tbl_name="registered_members";
// generates random password
// include ("randompass.inc.php");
// generates random password with the following letters and numbers
function randomPass($length) {
$letters = array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 0, 1, 2, 3, 4, 5, 6, 7, 8, 9);
$newpass = "";
for($i = 0; $i < $length; $i++) {
$newpass .= $letters[rand(0,61)];
}
return $newpass;
}
// returns random 8 character password
$pass = randomPass(;
// protects against mysql injection
function cleanString($string){
htmlentities(mysql_real_escape_string($string));
return $string;
}
// values sent from form
$username = cleanString($_POST['username']);
$email = cleanString($_POST['email']);
// check for empty fields
if (empty($username) || empty($email)) {
echo "Please Complete All Form Fields";
exit ;
}
//account check
$sql="SELECT count(*) FROM $tbl_name WHERE username='$username' and email='$email'";
$result=mysql_query($sql);
$num = mysql_result($result,0);
//check to see if username and email exists or not.
if($num < 1){
echo "That Username or Email Address Does Not Match Our Records. Please Provide A Valid Username and Email Address.";
exit();
}
// if username and email is found update data in database
$sql="UPDATE $tbl_name SET pass=sha1('$pass') WHERE username='$username' and email='$email'";
$result=mysql_query($sql);
echo mysql_error();
// if data is successfully updated in database, send email to user
if($result){
// send e-mail to
$to="$email";
// your subject
$subject="Password Reset";
// from
$header="from: Email <email@domain.com>";
// your message
$message=
"Dear $email,\n\n" .
"Your password has been reset.\n\n" .
"Your temporary password is $pass.\n\n" .
"To complete the process, please login to http://domain.com/ and change your password.\n\n" .
"If you believe you recieved this email in error or need further assistance\n" .
"please email email@domain.com\n\n" .
"Sincerely,\n\n" .
"Domain\n" .
"http://domain.com\n";
// send email
$sentmail = mail($to,$subject,$message,$header);
}
// if not found
else {
echo "Could Not Send Email";
}
// if your email was succesfully sent
if($sentmail){
header( "Location: http://domain.com/success/" );
}
else {
header( "Location: http://domain.com/error/" );
exit;
}
?>