Member Changing Password

[Pavlos1316]

Hi

 

When a member is changing his password how to I tell that to authentication script (to regognize that is still the same user and logged in) so the member won't have to login again until next time?

 

Thank you

[conker87]

How are you authorising them? Can we see the login script? And how are you checking if they are logged in?

[Pavlos1316]

Login script:

 

<?php

[color=red]db connection string[/color]

session_start();
$Username=$_POST['Username'];
$Password=md5($_POST['Password']);
$query="SELECT ID FROM Register WHERE Username='$Username' AND Password='$Password'";
$result=mysql_query($query);
if(mysql_num_rows($result)>0){
session_regenerate_id();
$member=mysql_fetch_assoc($result);
$_SESSION['SESS_ID']=$member['ID'];
session_write_close();
include 'members_area.php';
             exit();
?>

 

Authentication script:

 

<?php
session_start();
if(!isset($_SESSION['SESS_ID']) || (trim($_SESSION['SESS_ID'])=='')){
header("location: http://");
exit();
}
?>

[conker87]

It looks like it wont matter. Since you don't have the password or username in the session authorisation.

[Pavlos1316]

It does cause if I change it when I try to access another members page it takes me back to the login page

 

[conker87]

Your login script appears to be missing a closing curly bracket. Other than that, I don't really know why it's logging you out when clearly it shouldn't.

[Pavlos1316]

sorry..

 

It was continued like

}else{
$error="Invalid Login";
}

 

I can't think what is wrong...

 

Maybe my authentication script when changing password automatically deletes the stored data so when the member tries to access another page is like his is not logged in!!

 

But how do I correct that?