sandbudd Posted May 20, 2008 Share Posted May 20, 2008 I am having the hardest time which I am sure is simple to you guys. I am trying to create a simple change password code. If someone has a code I can use please help me. Here are the files that I have that work. Thanks in advance. main-login.php <table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <form name="form1" method="post" action="checklogin.php"> <td> <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td colspan="3"><strong>Member Login </strong></td> </tr> <tr> <td width="78">Username</td> <td width="6">:</td> <td width="294"><input name="myusername" type="text" id="myusername"></td> </tr> <tr> <td>Password</td> <td>:</td> <td><input name="mypassword" type="text" id="mypassword"></td> </tr> <tr> <td> </td> <td> </td> <td><input type="submit" name="Submit" value="Login"></td> </tr> </table> </td> </form> </tr> </table> checklogin.php <?php $host="localhost"; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name=""; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // If result matched $myusername and $mypassword, table row must be 1 row if ( @mysql_num_rows($result) == 1 ) { // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_success.php"); } else { echo "Wrong Username or Password"; } ?> Quote Link to comment Share on other sites More sharing options...
947740 Posted May 20, 2008 Share Posted May 20, 2008 Where does it change the password? Quote Link to comment Share on other sites More sharing options...
sandbudd Posted May 20, 2008 Author Share Posted May 20, 2008 in the database Quote Link to comment Share on other sites More sharing options...
947740 Posted May 20, 2008 Share Posted May 20, 2008 Where is the script that changes (or attempts to change) the password? Do you have one? Quote Link to comment Share on other sites More sharing options...
sandbudd Posted May 20, 2008 Author Share Posted May 20, 2008 I am sorry I do not...I have tried several scripts and gave up I am new to php and need the script Quote Link to comment Share on other sites More sharing options...
947740 Posted May 20, 2008 Share Posted May 20, 2008 Okay...I will post some code soon to get you started. Quote Link to comment Share on other sites More sharing options...
sandbudd Posted May 20, 2008 Author Share Posted May 20, 2008 wonderful thank you Quote Link to comment Share on other sites More sharing options...
947740 Posted May 20, 2008 Share Posted May 20, 2008 You decide how they get to the change password form page after they login. They can click a link, it does not matter. On the change password page, you have 4 password fields, just for the sake of no mistakes: Current Password: <input type='password' name='cp' /> Current Password Confirm: <input type='password' name='cpc' /> New Password: <input type='password' name='np' /> New Password Confirm: <input type='password' name='npc' /> After filling out those fields, they submit the form and are redirected to the script that changes the password, or at least attempts to change the password. Hope this points you in the right direction. <?php session_start(); // Note, there are no security measures. This is just to get the basics across. $cp = $_POST['cp']; $cpc = $_POST['cpc']; $np = $_POST['np']; $npc = $_POST['npc'] if($cp != $cpc || $np != $npc) { // Redirect to change password page } // Replace "" with appropriate values $host="localhost"; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name=""; // Table name mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $username = $_SESSION['myusername']; $query = "UPDATE $tbl_name set password = \"$np\" where username = \"$username\""; $result = mysql_query($query) or die("ERROR!".mysql_error()); header("Location: passwordcomplete.php"); // THIS CODE HAS NOT BEEN TESTED ?> Quote Link to comment Share on other sites More sharing options...
sandbudd Posted May 20, 2008 Author Share Posted May 20, 2008 Thank You so much let me give it a try Quote Link to comment Share on other sites More sharing options...
947740 Posted May 20, 2008 Share Posted May 20, 2008 You might have to change somethings to meet your needs...For one thing, the first redirect is not there; I figured I would let you do that so you could type the correct page in. Quote Link to comment Share on other sites More sharing options...
sandbudd Posted May 20, 2008 Author Share Posted May 20, 2008 didnt work...here is what I did and here is the error I get Parse error: syntax error, unexpected T_IF in /home/anodizi/public_html/pass/passchange.php on line 8 this is the changepass.html <form action="passchange.php" method="post"> <fieldset><legend>Enter your information in the form below:</legend> <p>Login Name: <input type="text" name="user" size="10" maxlength="20" /></p> <p>Current Password: <input type="password" name="password" size="20" maxlength="20" /></p> <p>New Password: <input type="password" name="oldpass" size="20" maxlength="20" /></p> <p>Confirm New Password: <input type="password" name="newpass" size="20" maxlength="20" /></p> </fieldset> <div align="center"><input type="submit" name="submit" value="Change My Password" /></div> </form> and the passchange.php <?php session_start(); // Note, there are no security measures. This is just to get the basics across. $cp = $_POST['cp']; $cpc = $_POST['cpc']; $np = $_POST['np']; $npc = $_POST['npc'] if($cp != $cpc || $np != $npc) { // Redirect to change password page } // Replace "" with appropriate values $host="localhost"; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name=""; // Table name mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $username = $_SESSION['myusername']; $query = "UPDATE $tbl_name set password = \"$np\" where username = \"$username\""; $result = mysql_query($query) or die("ERROR!".mysql_error()); header("Location: passwordcomplete.php"); // THIS CODE HAS NOT BEEN TESTED ?> Quote Link to comment Share on other sites More sharing options...
947740 Posted May 20, 2008 Share Posted May 20, 2008 Your form field names are kind of messed up, but I will use those names. <?php // Note, there are no security measures. This is just to get the basics across. $cp = $_POST['password]; $user = $_POST['user']; $np = $_POST['oldpass']; $npc = $_POST['newpass'] if($np != $npc) { // Redirect to change password page } // Replace "" with appropriate values $host="localhost"; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name=""; // Table name mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $username = $_SESSION['myusername']; $query = "UPDATE $tbl_name set password = \"$np\" where username = \"$user\" AND password = \"$cp\""; $result = mysql_query($query) or die("ERROR!".mysql_error()); header("Location: passwordcomplete.php"); // THIS CODE HAS NOT BEEN TESTED ?> Quote Link to comment Share on other sites More sharing options...
sandbudd Posted May 20, 2008 Author Share Posted May 20, 2008 k...thank you! sorry bout that Quote Link to comment Share on other sites More sharing options...
947740 Posted May 20, 2008 Share Posted May 20, 2008 No problem. By the way, I left out a ; after $npc = $_POST['newpass'] ( $npc = $_POST['newpass'] should be $npc = $_POST['newpass']; ) Quote Link to comment Share on other sites More sharing options...
sandbudd Posted May 20, 2008 Author Share Posted May 20, 2008 now I get this error Parse error: syntax error, unexpected T_STRING, expecting ']' in /home/anodizi/public_html/pass/passchange.php on line 5 Here is what I tried <?php session_start(); // Note, there are no security measures. This is just to get the basics across. $cp = $_POST['password]; $user = $_POST['user']; $np = $_POST['oldpass']; $npc = $_POST['newpass']; if($np != $npc) { // Redirect to change password page } // Replace "" with appropriate values $host="localhost"; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name=""; // Table name mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $username = $_SESSION['myusername']; $query = "UPDATE $tbl_name set password = \"$np\" where username = \"$user\" AND password = \"$cp\""; $result = mysql_query($query) or die("ERROR!".mysql_error()); header("Location: passwordcomplete.php"); // THIS CODE HAS NOT BEEN TESTED ?> Quote Link to comment Share on other sites More sharing options...
947740 Posted May 20, 2008 Share Posted May 20, 2008 $cp = $_POST['password]; should be $cp = $_POST['password']; Sorry for the mistakes... Quote Link to comment Share on other sites More sharing options...
sandbudd Posted May 20, 2008 Author Share Posted May 20, 2008 I am sorry I think it is my fault... in the database here is the fields id username password Quote Link to comment Share on other sites More sharing options...
947740 Posted May 20, 2008 Share Posted May 20, 2008 Did it not work? Quote Link to comment Share on other sites More sharing options...
sandbudd Posted May 20, 2008 Author Share Posted May 20, 2008 Yea it worked...Thank you so much I appreciate the help! Quote Link to comment Share on other sites More sharing options...
947740 Posted May 20, 2008 Share Posted May 20, 2008 No problem. You kind of freaked me out there when you told me the table layout... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.