sith717 Posted September 22, 2008 Share Posted September 22, 2008 I need to make a php page to change password. Can someone make a simple form and mysql thing to do it? Here is the existing file Checklogin.php <?php $host="localhost"; // Host name $username="bucketho_****"; // Mysql username $password="*****"; // Mysql password $db_name="bucketho_****"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "index.php" session_register("myusername"); session_register("mypassword"); header("location:index.php"); } else { header("location:login_failed.php"); } ?> Here is the mql info thing CREATE TABLE `members` ( `id` int(4) NOT NULL auto_increment, `username` varchar(65) NOT NULL default '', `password` varchar(65) NOT NULL default '', PRIMARY KEY (`id`) ) TYPE=MyISAM AUTO_INCREMENT=2 ; -- -- Dumping data for table `members` -- INSERT INTO `members` VALUES (1, '****', '****'); I made the private info * to protect it. Thanks. I need a script that can connect to the database and change the password. Thanks, Hopefully it can be done for free which would be a great help! Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/ Share on other sites More sharing options...
Maq Posted September 22, 2008 Share Posted September 22, 2008 You would have better luck in the freelance section. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647861 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 I really am not wanting to pay for this, since its something simple, and I really have no idea how to do... Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647863 Share on other sites More sharing options...
jonsjava Posted September 22, 2008 Share Posted September 22, 2008 I really am not wanting to pay for this, since its something simple, and I really have no idea how to do... We are more than happy to help. Unfortunately, helping means taking the bad code, and making it work, not writing it for you. As Maq said, you'd have better luck paying someone 20 bucks to do it for you. Or you can write it yourself, seeing how simple it is. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647864 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 No I mean, like the whole code works, I just have to add a change password part... Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647866 Share on other sites More sharing options...
Maq Posted September 22, 2008 Share Posted September 22, 2008 Psuedo: You need a form that asks for the user's username, old password, and new password. Pass the info to the php script. check the user info (like you have) UPDATE members SET password = $_POST['new_password'] WHERE username = $_POST['username']; if(success) return true; else return false; Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647871 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 Ugh? Can you put that into the script? I have no idea how to combine it. I am really slow... Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647873 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 I know, sorry about that... So who ever helps me out hopefully gets something... Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647875 Share on other sites More sharing options...
Maq Posted September 22, 2008 Share Posted September 22, 2008 Sorry, but people here want to help, not do everything for you. If you want to post this in the freelance and try to get it done for free you're more than welcome. I'm sure people would agree that they are going to do something with pay rather than free. I'm also sure someone has a tutorial or a snippet of code that will help you out. Sorry, good luck. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647878 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 I understand. I looked around for a snippet of that what your saying and didn't find it. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647881 Share on other sites More sharing options...
jonsjava Posted September 22, 2008 Share Posted September 22, 2008 change_password.php <?php //access this file via "change_password.php?pass_change_form=true" $host="localhost"; // Host name $username="bucketho_****"; // Mysql username $password="*****"; // Mysql password $db_name="bucketho_****"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); if ($_GET['change_pass'] == true){ $new_pass1 = mysql_real_escape_string($_POST['pass1']); $new_pass2 = mysql_real_escape_string($_POST['pass2']); $old_pass = mysql_real_escape_string($_POST['old_pass']); $username = $_SESSION['username']; $sql = "SELECT * FROM `members` WHERE `username`='$username' AND `password`='$old_pass' LIMIT 1;"; $results = mysql_query($sql); $count_res = mysql_num_rows($sql); if (($count_res == 1) && ($new_pass1 == $new_pass2)){ $sql = "UPDATE `members` SET `password`='$new_pass1' WHERE `username`='$username';"; mysql_query($sql); header("location:./"); exit(); } else{ print "Error processing Password change. Please try again"; } } if ($_GET['pass_change_form'] == true){ ?> <form method="POST" action="?change_pass=true"> <table border="0"> <tr> <td>Old Password:</td> <td><input type="password" name="old_pass"></td> </tr> <tr> <td>New Password:</td> <td><input type="password" name="pass1"></td> </tr> <tr> <td>New Password(Again):</td> <td><input type="password" name="pass2"></td> </tr> <tr> <td> </td> <td><input type="submit" value="Submit"></td> </tr> </table> </form> <?php } and change your checklogin.php to this: <?php $host="localhost"; // Host name $username="bucketho_****"; // Mysql username $password="*****"; // Mysql password $db_name="bucketho_****"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "index.php" $_SESSION['username'] = $myusername; session_register("myusername"); session_register("mypassword"); header("location:index.php"); } else { header("location:login_failed.php"); } ?> Felt generous today. Not what I would normally do. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647889 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 What is different about the 2 codes you gave me? Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647892 Share on other sites More sharing options...
jonsjava Posted September 22, 2008 Share Posted September 22, 2008 one is the password changer, the other, I just added a session variable that I like to use to handle usernames (makes it easier on my coding, nothing else). I had to fix a small syntax, and that's the reason for the edit. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647896 Share on other sites More sharing options...
Maq Posted September 22, 2008 Share Posted September 22, 2008 So who ever helps me out hopefully gets something... Probably just a thanks... Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647900 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 Oh I saw, nvm. Also, I put in the codes. The change_password.php page is blank. It wont load. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647902 Share on other sites More sharing options...
jonsjava Posted September 22, 2008 Share Posted September 22, 2008 So who ever helps me out hopefully gets something... Probably just a thanks... lol. I don't do it for the money. I have a good job. I'm of a mindset that you don't get anything for work, unless you get it before you do the work. A thanks would be great, though. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647904 Share on other sites More sharing options...
jonsjava Posted September 22, 2008 Share Posted September 22, 2008 go to http://your_site.com/directory/change_password.php?pass_change_form=true Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647906 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 Please read the post that I posted before you. I put in the code change_password.php and edited checklogin.php When I go to change_password.php it wont load, it is blank. Not sure why. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647908 Share on other sites More sharing options...
jonsjava Posted September 22, 2008 Share Posted September 22, 2008 as I said, go to change_password.php?pass_change_form=true if you just go to change_password.php, you're going to get a blank page. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647912 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 It loads now. It shows an error: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/bucketho/public_html/admin/change_password.php on line 19 Error processing Password change. Please try again Its probably because it doesnt know what user to change the password for? Like before I can change the password I put in thhat login session thing, maybe I need that? Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647913 Share on other sites More sharing options...
jonsjava Posted September 22, 2008 Share Posted September 22, 2008 gotta be logged in with that session value Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647916 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 This is the login session code: <? session_start(); if(!session_is_registered(myusername)){ header("location:login.php"); } ?> Do I place it on the top like this: <? session_start(); if(!session_is_registered(myusername)){ header("location:login.php"); } ?> <?php //access this file via "change_password.php?pass_change_form=true" $host="localhost"; // Host name $username="bucketho_***"; // Mysql username $password="****"; // Mysql password $db_name="bucketho_****"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); if ($_GET['change_pass'] == true){ $new_pass1 = mysql_real_escape_string($_POST['pass1']); $new_pass2 = mysql_real_escape_string($_POST['pass2']); $old_pass = mysql_real_escape_string($_POST['old_pass']); $username = $_SESSION['username']; $sql = "SELECT * FROM `members` WHERE `username`='$username' AND `password`='$old_pass' LIMIT 1;"; $results = mysql_query($sql); $count_res = mysql_num_rows($sql); if (($count_res == 1) && ($new_pass1 == $new_pass2)){ $sql = "UPDATE `members` SET `password`='$new_pass1' WHERE `username`='$username';"; mysql_query($sql); header("location:./"); exit(); } else{ print "Error processing Password change. Please try again"; } } if ($_GET['pass_change_form'] == true){ ?> <form method="POST" action="?change_pass=true"> <table border="0"> <tr> <td>Old Password:</td> <td><input type="password" name="old_pass"></td> </tr> <tr> <td>New Password:</td> <td><input type="password" name="pass1"></td> </tr> <tr> <td>New Password(Again):</td> <td><input type="password" name="pass2"></td> </tr> <tr> <td> </td> <td><input type="submit" value="Submit"></td> </tr> </table> </form> <?php } Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647920 Share on other sites More sharing options...
jonsjava Posted September 22, 2008 Share Posted September 22, 2008 wouldn't hurt. forgot to add sessions to my file (wrote it under yours, then broke it up). all you need is <?php session_start(); if ($_GET['change_pass'] == true){ $new_pass1 = mysql_real_escape_string($_POST['pass1']); $new_pass2 = mysql_real_escape_string($_POST['pass2']); $old_pass = mysql_real_escape_string($_POST['old_pass']); $username = $_SESSION['username']; $sql = "SELECT * FROM `members` WHERE `username`='$username' AND `password`='$old_pass' LIMIT 1;"; $results = mysql_query($sql); $count_res = mysql_num_rows($sql); if (($count_res == 1) && ($new_pass1 == $new_pass2)){ $sql = "UPDATE `members` SET `password`='$new_pass1' WHERE `username`='$username';"; mysql_query($sql); header("location:./"); exit(); } else{ print "Error processing Password change. Please try again"; } } if ($_GET['pass_change_form'] == true){ ?> <form method="POST" action="?change_pass=true"> <table border="0"> <tr> <td>Old Password:</td> <td><input type="password" name="old_pass"></td> </tr> <tr> <td>New Password:</td> <td><input type="password" name="pass1"></td> </tr> <tr> <td>New Password(Again):</td> <td><input type="password" name="pass2"></td> </tr> <tr> <td> </td> <td><input type="submit" value="Submit"></td> </tr> </table> </form> <?php } Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647922 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 http://delta.bluespacetechnologies.com/~bucketho/admin/change_password.php?change_pass=true Something is wrong... Do you need any of the file to show you? Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647927 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 This is getting very frustrating I know... Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/#findComment-647932 Share on other sites More sharing options...
Recommended Posts