Jump to content

mysql password change


tpstudent

Recommended Posts

Hi, I had did some codes to allow user to log in and change their password. Currently, it seems to be not reading the current password in the database; to match with the password field which they have to enter their current password.

 

 

The error faced:

password.jpg

 

<?php 
session_start();
echo $name;
ob_start();
?>

<html>
<head>
<title>Staff Signage</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="style.css" rel="stylesheet" type="text/css">

<style type="text/css">
<!--
body {
background-color: #FFFFFF;
}
-->
</style></head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<!-- ImageReady Slices (main1.psd) -->
<table width="800" height="600" border="0" align="center" cellpadding="0" cellspacing="0" id="Table_01">
<tr>
	<td width="800" height="136"><?php include("include/header.php") ?></td>
  </tr>
<tr>
  <td width="800" height="438" valign="top" bgcolor="#FFFFFF">
        <table width="795" height="426" border="0">
          <tr>
            <td width="10" height="2"></td>
            <td width="762"></td>
            <td width="10"></td>
          </tr>
          <tr>
            <td height="409"></td>
            <td valign="top" bgcolor="#FFFFFF"><form name="form1" method="post" action="password.php">	

		<?php
			$password=$row['password'];
			$success = false;
				$submitted = isset($_POST['formsubmitted']);
				$staffid = $_SESSION['staffid'];
		if($submitted){
			if (!empty($_POST['cpassword'])) {
			$cpassword =$_POST['cpassword'];
			} else {
			$cpassword =NULL;
			echo '<span class = "font"><font color="red"><span class = "contentText"><b>You forgot to enter your Current Password!</b></span></font><br><br>';
			}//end of check userid


			if (!empty($_POST['npassword'])) {
			$npassword =$_POST['npassword'];
			} else {
			$bpost =NULL;
			echo '<font color="red"><span class = "contentText"><b>You forgot to enter your New Password!</b></span></font><br><br>';
			}//end of check password

			if($cpassword && $npassword)
			{

				if($cpassword==$password)
				{

				$password = mysql_real_escape_string($_POST["$npassword"]);

				require_once('staffSql.php');
					// connect to the mysql database server.
				mysql_select_db($dbname); 
				$query = "UPDATE staff set password='$npassword' where staffid ='$staffid'";

				$result = mysql_query($query);



			 if ($result)
			 {

			 echo"<br/><span class ='headerText'><center>Password Successfully changed.</center></span><br>";
			 echo"<span class ='headerText'><center>Redirecting to main..</center></span><br><br>";
			 header("refresh:2;url=main.php");
			 $success= true;
			}//end of if result
			else
			{

			 echo"<span class ='font'>Password Unsuccessfully changed.</span><br><br>";
			}//end of else
			}//end of if password matches that in db
			else
			{
				 echo"<span class ='text'><font color='red'>You have entered your current password wrongly.</font></span><br><br>";
			}
			}	
			}	
			?>		
            
		<input type="hidden" name="formsubmitted" value="TRUE"/>
<?php if($success == false) { ?>		
    	<span class="headerText">Change Your Password</span><br>
		<br>
		<span class="contentText">Current Password: </font></span> 
              <input name="cpassword" type="password" value="">
              <br>
              <br>
              <span class="contentText">Password: </font></span> 
		  <input name="npassword" type="password" value="">
              <br>
              <br>
              <input type="submit" name="submit" value="Change Password" />
		<input type="reset" value="Reset" /><?php } ?>
            
   </form>         
            </td>
            <td></td>
          </tr>
        </table>
      </td>
</tr>
<tr>
	<td width="800" height="26">	<?php include("include/footer.php") ?>		</td>
</tr>
</table>
<!-- End ImageReady Slices -->
</body>
</html>
<?php ob_flush(); ?>

 

Link to comment
https://forums.phpfreaks.com/topic/124417-mysql-password-change/
Share on other sites

Hi, I tried to retrieve the password row; however there is still the same problem faced. Can help me see what I had done wrong. Thanks.

 

<?php 
session_start();
echo $name;
ob_start();
?>

<html>
<head>
<title>Staff Signage</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="style.css" rel="stylesheet" type="text/css">

<style type="text/css">
<!--
body {
background-color: #FFFFFF;
}
-->
</style></head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<!-- ImageReady Slices (main1.psd) -->
<table width="800" height="600" border="0" align="center" cellpadding="0" cellspacing="0" id="Table_01">
<tr>
	<td width="800" height="136"><?php include("include/header.php") ?></td>
  </tr>
<tr>
  <td width="800" height="438" valign="top" bgcolor="#FFFFFF">
        <table width="795" height="426" border="0">
          <tr>
            <td width="10" height="2"></td>
            <td width="762"></td>
            <td width="10"></td>
          </tr>
          <tr>
            <td height="409"></td>
            <td valign="top" bgcolor="#FFFFFF"><form name="form1" method="post" action="password.php">	

		<?php


			$success = false;
			$submitted = isset($_POST['formsubmitted']);
			$staffid = $_SESSION['staffid'];

			require_once('staffSql.php');
			// connect to the mysql database server.
			mysql_select_db($dbname); 
			$query = "SELECT password FROM staff WHERE staffid = '$staffid'";

			$result = mysql_fetch_array(mysql_query($query));
			$password=$row['password'];	

		if($submitted){
			if (!empty($_POST['cpassword'])) {
			$cpassword =$_POST['cpassword'];
			} else {
			$cpassword =NULL;
			echo '<span class = "font"><font color="red"><span class = "contentText"><b>You forgot to enter your Current Password!</b></span></font><br><br>';
			}//end of check userid


			if (!empty($_POST['npassword'])) {
			$npassword =$_POST['npassword'];
			} else {
			$bpost =NULL;
			echo '<font color="red"><span class = "contentText"><b>You forgot to enter your New Password!</b></span></font><br><br>';
			}//end of check password

			if($cpassword && $npassword)
			{

				if($cpassword==$password)
				{

				$password = mysql_real_escape_string($_POST["$npassword"]);

				require_once('staffSql.php');
					// connect to the mysql database server.
				mysql_select_db($dbname); 

				$query = "UPDATE staff set password='$npassword' where staffid ='$staffid'";

				$result = mysql_query($query);



			 if ($result)
			 {

			 echo"<br/><span class ='headerText'><center>Password Successfully changed.</center></span><br>";
			 echo"<span class ='headerText'><center>Redirecting to main..</center></span><br><br>";
			 header("refresh:2;url=main.php");
			 $success= true;
			}//end of if result
			else
			{

			 echo"<span class ='font'>Password Unsuccessfully changed.</span><br><br>";
			}//end of else
			}//end of if password matches that in db
			else
			{
				 echo"<span class ='text'><font color='red'>You have entered your current password wrongly.</font></span><br><br>";
			}
			}	
			}	
			?>		
            
		<input type="hidden" name="formsubmitted" value="TRUE"/>
<?php if($success == false) {
		  
		 ?>		
    	<span class="headerText">Change Your Password</span><br>
		<br>
		<span class="contentText">Current Password: </font></span> 
              <input name="cpassword" type="password" value="">
              <br>
              <br>
              <span class="contentText">Password: </font></span> 
		  <input name="npassword" type="password" value="">
              <br>
              <br>
              <input type="submit" name="submit" value="Change Password" />
		<input type="reset" value="Reset" /><?php } ?>
            
   </form>         
            </td>
            <td></td>
          </tr>
        </table>
      </td>
</tr>
<tr>
	<td width="800" height="26">	<?php include("include/footer.php") ?>		</td>
</tr>
</table>
<!-- End ImageReady Slices -->
</body>
</html>
<?php ob_flush(); ?>

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.