Hexagon

First, thanks for your input, I have changed the code dramatically and reverted to md5 just so i can test everything because i have no experience with the password_hash. <?php $u=""; //stripping both strings of white spaces $newpass = preg_replace('#[^a-z0-9]#i', '', $_POST['newpass']); $repeatpass = preg_replace('#[^a-z0-9]#i', '', $_POST['repeatpass']); if(isset($_GET["u"])){ $u = preg_replace('#[^a-z0-9]#i', '', $_GET['u']); } else { header("location: settings.php?u=".$_SESSION["username"]); exit(); } // Select the member from the users table $sql = "SELECT * FROM users WHERE username='$u' AND activated='1' LIMIT 1"; $user_query = mysqli_query($db_conx, $sql); // Now make sure that user exists in the table $numrows = mysqli_num_rows($user_query); if($numrows < 1){ echo "That user does not exist or is not yet activated, press back"; exit(); } $isOwner = "no"; //check if user is logged in owner of account if($u == $log_username && $user_ok == true){ $isOwner = "yes"; } if (isset($_POST["submit"]) && ($isOwner == "yes") && ($user_ok == true) && ($newpass == $repeatpass)) { $newpass = md5($newpass); $sql = "UPDATE `users` SET `password`='$newpass' WHERE username='$u'"; if (mysqli_query($db_conx, $sql)) { echo "Record updated successfully with $newpass"; } else { echo "Error updating record: " . mysqli_error($conn); } } ?> <pre> <?php var_dump($_SESSION); var_dump($newpass); var_dump($repeatpass); ?> </pre> Thats the new code, I will try to implement a better encryption later. But i am still trying to figure out how to replace the get['u'] logic.

Hi guys, i am creating my change password site for my website and i have some problems with the code... For some reason i have difficulties with the passwords being compared and replaced in the db after crypting them. I wanted this: Either get the current users password and compare it to the input value of $oldpass or compare the input value of $oldpass with the password stored in the database for the current user. After checking if the $oldpass and the password from the database match and IF they match then take the input value of $newpass and $repeatpass, compare them and if they match, then crypt() $newpass and update the database with the new password. I am not even sure if the passwords are even crypted. Also in the code i am comparing $oldpass with $_SESSION['password'] which is not the password from the db, i can't figure out how to call the password from the db. Thanks in advance! <?php include 'check_login_status.php'; $u=""; $oldpass=md5($_POST['oldpass']); //stripping both strings of white spaces $newpass = preg_replace('#[^a-z0-9]#i', '', $_POST['newpass']); $repeatpass = preg_replace('#[^a-z0-9]#i', '', $_POST['repeatpass']); //get the username from the header if(isset($_GET["u"])){ $u = preg_replace('#[^a-z0-9]#i', '', $_GET['u']); } else { header("location: compare_pass.php?u=".$_SESSION["username"]); exit(); } // Select the member from the users table $sql = "SELECT password FROM users WHERE username='$u' LIMIT 1"; mysqli_query($db_conx, $sql); $user_query = mysqli_query($db_conx, $sql); // Now make sure that user exists in the table $numrows = mysqli_num_rows($user_query); if($numrows < 1){ echo "That user does not exist or is not yet activated, press back"; exit(); } if ($oldpass == $_SESSION['password']) { echo "session and oldpass are matching"; } else { echo "Session and oldpass do not match!"; } $isOwner = "no"; //check if user is logged in owner of account if($u == $log_username && $user_ok == true){ $isOwner = "yes"; } $passhash = ""; if (isset($_POST["submit"]) && ($isOwner == "yes") && ($user_ok == true) && ($newpass == $repeatpass)) { $passhash = crypt_sha256("$newpass", "B-Pz=0%5mI~SAOcW0pMUdgKQh1_B7H6sbKAl+9~O98E9MBPrpGOtE65ro~8R"); $sql = "UPDATE users SET `password`='$passhash' WHERE username='$u' LIMIT 1"; } if (mysqli_query($db_conx, $sql)) { echo "Record updated successfully"; } else { echo "Error updating record: " . mysqli_error($db_conx); } ?> <h3>Create new password</h3> <form action="" method="post"> <div>Current Password</div> <input type="text" class="form-control" id="password" name="oldpass" > <div>New Password</div> <input type="text" class="form-control" id="password" name="newpass" > <div>Repeat Password</div> <input type="text" class="form-control" id="password" name="repeatpass" > <br /><br /> <input type="submit" name="submit" value="Submit"> <p id="status" ></p> </form><?php echo "{$oldpass}, {$_SESSION['password']}"; ?> <pre> <?php var_dump($_SESSION); var_dump($oldpass); var_dump($passhash); var_dump($newpass); var_dump($repeatpass); ?> </pre>

nice thx! just have been told that on a netbook with 9.5" screen the site is messed up like crazy. dunno how do check this but do you have any idea if that coulc be the size of the screen to cause that problem?

I checked again and found some <h4> tags werent closed properly, now its only a few pixel to far right, thanks again! Trying to figure out now how to make it be exactly as in firefox, the 2 lower div on the right are like 5 pixels too far right.

Did that and no results. I wonder why it places the footer so far to the right in the first place, its so weird!

Hey thanks for taking time to reply. Sadly it is not changing the appearance in IE I noticed that the footer is influencing the mailform on the right side. Dunno what else of info i could provide, please let me know if you need anything else.

Hey guys, i finished this website www.styluxhair.de and now in internet explorer the right side div is completely out of place. I messed arround with hit for hours now but i cant seem to get to fix it. I know there is some sort of problem with the footer and the mailform on the right but im really stuck and would appreciate if someone could help me out here. Thanks in advance! index www.styluxhair.de/index.html css file: http://styluxhair.de/files/style.css

OMG IT WORKS! Thank you so much man this is awesome!

gives me this error: Warning: Cannot modify header information - headers already sent by (output started at /home/hexagonj/public_html/send.php:2) in /home/hexagonj/public_html/send.php on line 25 i feel like i wanna hang myslef lol

not working either i also tried replacing the post method of the form with get and now it shows the redirect in the url bar but still is stuck on the send.php

yea i played around a bit with the quote marks but its not working i dunno i have exactly the code that you posted. i wonder why it sends me to the send.php site all the time. i mean, shouldnt it just send the data to send.php and then let send.php handle the sending without going to send.php? thats what the redirect is for right?

dont i have to add something in the php file? because i m stuck on the send.php after clicking submit maybe something like go back to site or something?

yea i just noticed and changed that but its still not working any ideas? thx for your time btw

oh and my php file now looks like this: <? $header = 'MIME-Version: 1.0' . "\r\n"; $header .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; $header .= 'From: '.$_POST['firstname'].' '.$_POST['lastname'].' <'.$_POST['email'].'>' . "\r\n"; $html = '<html><body'; $html .= 'Name: '.$_POST['firstname'].' '.$_POST['lastname'].'<br>'; $html .= 'Email: '.$_POST['email'].'<br>'; $html .= 'Phone: '.$_POST['phone'].'<br><br>'; $html .= 'Message:'.$_POST['message']; $html .= '</body></html>'; $studio = $_POST['studio']; if ($studio == 1) $adress = 'bloodmonic@gmail.com'; if ($studio == 2) $adress = 'bloodmonic@gmail.com'; if ($studio == 3) $adress = 'bloodmonic@gmail.com'; if ($studio == 4) $adress = 'bloodmonic@gmail.com'; if ($studio == 5) $adress = 'bloodmonic@gmail.com'; mail($adress,'Message from styluxhair.de',$html,$header); ?>

ok i tried it now, i renamed the kontakt.html to kontakt.php then in the head i added <?PHP $sent=$_GET['sent']; ?> at the bottom of the head. <head> <meta name="description" content="Stylux ist Spezialist für die kosmetische Behandlung von Haarausfall und hat seit 2005 tausende Menschen erfolgreich behandelt."> <meta name="keywords" content="haarausfall, haare, haarausfall stoppen, Alopezie, alopecia, areata, haarverlust, Haarbehandlungen, Behandlung, glatze, kopfhaut,Kahlköpfigkeit, Geheimratsecken, Schuppen, gegen haarausfall, Haarausfall Frauen Männer, Haarwuchsmittel, Haarwuchs, Ursachen Haarausfall, Stress, hormoneller Haarausfall, erblicher Haarausfall, kreisrunder Haarausfall, diffuser Haarausfall, altersbedingter Haarausfall, Haartransplantation, Transplantation, Propecia, Proscar, Finasterid, Minoxidil, Regaine, anlagebedingt, Hormone, shampoo, Perücke, Zweithaar, Laser"> <title>Stylux | HAIR AND LASER TREATMENT</title> <meta name="robots" content="index,follow" > <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" > <link rel="stylesheet" type="text/css" href="files/style.css"> <link rel="shortcut icon" href="files/images/favicon.ico"> <script language="javascript"> AC_FL_RunContent = 0; </script> <script type="text/javascript" src="referenzen.php-Dateien/jquery-1.js"></script> <script type="text/javascript" src="referenzen.php-Dateien/slimbox2.js"></script> <script language="javascript"> DetectFlashVer = 0; </script> <script src="referenzen.php-Dateien/AC_RunActiveContent.js" language="javascript"></script> <script language="JavaScript" type="text/javascript"> <!-- var requiredMajorVersion = 8; var requiredMinorVersion = 0; var requiredRevision = 24; // --> </script> <?PHP $sent=$_GET['sent']; ?> then i put the <input type="hidden" name="redirect" value="http://hexagon.jlkfree.com/kontakt.html?sent=sent"> into the mailform of the kontakt.php like this: <form name="mailform" method="post" action="send.php" style="margin:15px;"> <input type="hidden" name="redirect" value="http://hexagon.jlkfree.com/kontakt.php?sent=sent"> <table border="0" cellpadding="2" cellspacing="2"> <tbody><tr> <td align="right">Vorname* </td> <td><input name="firstname" style="width: 150px;" type="text"> </td> <td align="right">Nachname* </td> <td><input name="lastname" style="width: 150px;" type="text"></td> </tr> <tr> <td align="right">Telefon* </td> <td><input name="phone" style="width: 150px;" type="text"></td> <td align="right">Email* </td> <td><input name="email" style="width: 150px;" type="text"> </td> </tr> <tr> <td align="right">Stylux Harstuudio <br>in Ihrer Nähe* </td> <td><select name="studio" style="width: 150px;"> <option selected="selected" value="1">Hamburg</option> <option value="2">Stockholm</option> <option value="3">Göteborg</option> <option value="4">Borås</option> <option value="5">Oslo</option> </select></td> </tr> <tr> <td colspan="4"><br>Ihre Nachricht*<br><textarea name="message" style="width: 100%; height: 150px;"></textarea></td> </tr> </tbody></table> <input value="Senden" type="submit"></form> And then added the <?PHP if (isset($sent)) {echo "<p>Message sent.</p>";} ?> under the submit button like this: <input value="Senden" type="submit"></form> <?PHP if (isset($sent)) {echo "<p>Message sent.</p>";} ?> but after clicking submit it just takes me to the send.php and stays there, the mail is sent though.