ChompGator Posted September 7, 2008 Share Posted September 7, 2008 Hey there, I have a script that updates the users password. Its simple right now, Ill add more to it once I get this part working...Right now you can go to a page, enter your new password, hit submit and the script submits...However, its not updating in the MySQL database...It should be though - the script isn't returning any errors or anything... <?php session_start(); $host="***"; // Host name $username="***"; // Mysql username $password="***"; // Mysql password $db_name="***"; // Database name // Connect to DB mysql_connect ( $host, $username, $password, $db_name)or die("Could not connect: ".mysql_error()); mysql_select_db($db_name); $password=$_POST['password']; $sql = "UPDATE users SET password='$password' WHERE uid = '{$_SESSION['uid']}'"; // Step 3 $result = mysql_query($sql) or die ( .mysql_error() ); ?> Any thoughts on why this isn't working? Quote Link to comment Share on other sites More sharing options...
tibberous Posted September 7, 2008 Share Posted September 7, 2008 Well, password is the mysql password, not a password being sent in from the request. You have a period before mysql_error(). I'd do an: echo "id is {$_SESSION['uid']}" and make sure that has a valid value. Quote Link to comment Share on other sites More sharing options...
ChompGator Posted September 7, 2008 Author Share Posted September 7, 2008 Well, password is the mysql password, not a password being sent in from the request. You have a period before mysql_error(). I'd do an: echo "id is {$_SESSION['uid']}" and make sure that has a valid value. Hey, thanks for the response, Ill do an echo, and let me ask one thing though, what do you mean by, "Password is the mysql password, not a password being sent int from the request" ? Anyway let me know - thanks! Quote Link to comment Share on other sites More sharing options...
TouranMan Posted September 7, 2008 Share Posted September 7, 2008 Hey, thanks for the response, Ill do an echo, and let me ask one thing though, what do you mean by, "Password is the mysql password, not a password being sent int from the request" ? The variable you're using in your query is the mySQL password ($password). Quote Link to comment Share on other sites More sharing options...
tibberous Posted September 7, 2008 Share Posted September 7, 2008 Yeah, you never set $password equal to $_REQUEST['password'], you set it equal to "***". You have a password for the mysql database and a password for the user, but your getting them confused because you named them both password. Quote Link to comment Share on other sites More sharing options...
DarkWater Posted September 7, 2008 Share Posted September 7, 2008 Yeah, you never set $password equal to $_REQUEST['password'], you set it equal to "***". You have a password for the mysql database and a password for the user, but your getting them confused because you named them both password. Clearly you missed this line: $password=$_POST['password']; Quote Link to comment Share on other sites More sharing options...
ChompGator Posted September 7, 2008 Author Share Posted September 7, 2008 Oh, I see I see - so - the script things Im calling $password from above when I declared it to connect to the database, when Im not calling that... Thanks!! - Jeff Quote Link to comment Share on other sites More sharing options...
DarkWater Posted September 7, 2008 Share Posted September 7, 2008 Oh, I see I see - so - the script things Im calling $password from above when I declared it to connect to the database, when Im not calling that... Thanks!! - Jeff No no no, they didn't see the line where you set $password to the correct value. Did you remove the . from before mysql_error()? Quote Link to comment Share on other sites More sharing options...
ChompGator Posted September 7, 2008 Author Share Posted September 7, 2008 Ok, thank god because I still haven't got it working - and that didn't work- so I changed it all back...Yeah I removed the . Here is the current script if you want to take a stab at it..I also included the form that the user fills out: update.php <?php session_start(); ?> <form action="require.php" method="POST"> Old Password:<br> <font face="Verdana" size="2"> <input title="Your Google Toolbar can fill this in for you. Select AutoFill" tabindex="4" maxlength="90" size="39" name="oldpassword" style="height: 22px;" type="oldpassword"><br> <br> New Password</font>: font face="Verdana" size="2"> <input title="Your Google Toolbar can fill this in for you. Select AutoFill" tabindex="4" maxlength="90" size="39" name="password" style="height: 22px;" type="password"> require.php <?php session_start(); $host=""; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name // Connect to DB mysql_connect ( $host, $username, $password, $db_name)or die("Could not connect: ".mysql_error()); mysql_select_db($db_name); $password=$_POST['password']; $sql = "UPDATE users SET pas = pass('$pass')". WHERE uid = '{$_SESSION['uid']}'"; // Step 3 $result = mysql_query($sql) or die ( mysql_error() ); ?> Quote Link to comment Share on other sites More sharing options...
DarkWater Posted September 7, 2008 Share Posted September 7, 2008 The query should read: $sql = "UPDATE users SET pass = pass('$pass') WHERE uid = '{$_SESSION['uid']}'"; Also, you should do validation on the form fields to make sure that they are filled in. Quote Link to comment Share on other sites More sharing options...
ChompGator Posted September 7, 2008 Author Share Posted September 7, 2008 That looks right Ill try it, - Make sure Im not backwards here...the form field for changing the password is called password... The column in the database where the passwords are stored is called pass so should it be like this: $sql = "UPDATE users SET password = pass('$pass') WHERE uid = '{$_SESSION['uid']}'"; Or should it be the way you put it? $sql = "UPDATE users SET pass = pass('$pass') WHERE uid = '{$_SESSION['uid']}'"; Quote Link to comment Share on other sites More sharing options...
DarkWater Posted September 7, 2008 Share Posted September 7, 2008 Woops, here: $sql = "UPDATE users SET pass = pass('$password') WHERE uid = '{$_SESSION['uid']}'"; Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.