sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 Anyone else? Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648146 Share on other sites More sharing options...
peranha Posted September 22, 2008 Share Posted September 22, 2008 Delete the lines I told you to put in from change_password.php  echo $_SESSION['is_valid']; exit();  Also change the  $_SESSION['is_valid'] = "true";  back to  $_SESSION['is_valid'] = true;  in checklogin.php Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648148 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 Delete the lines I told you to put in from change_password.php  echo $_SESSION['is_valid']; exit();  Also change the  $_SESSION['is_valid'] = "true";  back to  $_SESSION['is_valid'] = true;  in checklogin.php  So I delete the  echo $_SESSION['is_valid']; exit();  Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648151 Share on other sites More sharing options...
peranha Posted September 22, 2008 Share Posted September 22, 2008 yes, and in the checklogin.php change the line back to  $_SESSION['is_valid'] = true;  Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648153 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 Ok, I did it. Since I gave you the password, you can test it out. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648155 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 Hopefully what you gave me fixes it! Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648158 Share on other sites More sharing options...
seany123 Posted September 22, 2008 Share Posted September 22, 2008 Is it possible to make it so MySql dosnt Encrypt the passwords? Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648160 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 Not sure. I dont know anything about php. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648162 Share on other sites More sharing options...
discomatt Posted September 22, 2008 Share Posted September 22, 2008 Don't ever store passwords in plain text. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648163 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 Is it because mysql is much safer and secure? Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648165 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 Anyone willing to help? Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648169 Share on other sites More sharing options...
peranha Posted September 22, 2008 Share Posted September 22, 2008 <?php error_reporting(E_ALL); $host="localhost"; // Host name $username="bucketho_****"; // Mysql username $password="*****"; // Mysql password $db_name="bucketho_****"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql) or die (mysql_error()); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "index.php" $_SESSION['username'] = $myusername; $_SESSION['is_valid'] = true; session_register("myusername"); session_register("mypassword"); header("location:index.php"); } else { header("location:login_failed.php"); } ?> Â <?php session_start(); error_reporting(E_ALL); $host = "localhost"; // Host name $username = "bucketho_****"; // <-- Mysql username MAKE SURE THIS IS SET! $password = "*****"; // <-- Mysql password MAKE SURE THIS IS SET! $db_name = "bucketho_*****"; // <-- Database name CHANGE THIS TOO! $tbl_name = "members"; // Table name // Connect to server and select databse. mysql_connect($host, $username, $password)or die("cannot connect"); mysql_select_db($db_name)or die("cannot select DB"); if ($_GET['change_pass'] == true && $_SESSION['is_valid'] == true){ $new_pass1 = mysql_real_escape_string($_POST['pass1']); $new_pass2 = mysql_real_escape_string($_POST['pass2']); $old_pass = mysql_real_escape_string($_POST['old_pass']); $username = $_SESSION['username']; $sql = "SELECT COUNT(*) AS `total_found` FROM `members` WHERE `username`='$username' AND `password`='$old_pass' LIMIT 1;"; $result = mysql_query($sql) or die (mysql_error()); $row = mysql_fetch_assoc($result); $total_found = $row['total_found']; if (($total_found == 1) && ($new_pass1 == $new_pass2)){ $sql = "UPDATE `members` SET `password`='$new_pass1' WHERE `username`='$username';"; mysql_query($sql) or die (mysql_error()); header("location:./"); exit(); } else{ print "Error processing Password change. Please try again"; } } if ($_GET['pass_change_form'] == true && $_SESSION['is_valid'] == true){ ?> <form method="POST" action="?change_pass=true"> <table border="0"> <tr> <td>Old Password:</td> <td><input type="password" name="old_pass"></td> </tr> <tr> <td>New Password:</td> <td><input type="password" name="pass1"></td> </tr> <tr> <td>New Password(Again):</td> <td><input type="password" name="pass2"></td> </tr> <tr> <td>Â </td> <td><input type="submit" value="Submit"></td> </tr> </table> </form> <?php } else{ header("location:./"); exit(); } Â try that, and see if you server is kicking out any errors. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648170 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 http://delta.bluespacetechnologies.com/~bucketho/admin/change_password.php?change_pass_form=true  There you go... Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648172 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 Anyone? Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648179 Share on other sites More sharing options...
peranha Posted September 22, 2008 Share Posted September 22, 2008 <?php session_start(); error_reporting(E_ALL); $host = "localhost"; // Host name $username = "bucketho_****"; // <-- Mysql username MAKE SURE THIS IS SET! $password = "*****"; // <-- Mysql password MAKE SURE THIS IS SET! $db_name = "bucketho_*****"; // <-- Database name CHANGE THIS TOO! $tbl_name = "members"; // Table name // Connect to server and select databse. mysql_connect($host, $username, $password)or die("cannot connect"); mysql_select_db($db_name)or die("cannot select DB"); if ($_GET['change_pass_form'] == true && $_SESSION['is_valid'] == true){ $new_pass1 = mysql_real_escape_string($_POST['pass1']); $new_pass2 = mysql_real_escape_string($_POST['pass2']); $old_pass = mysql_real_escape_string($_POST['old_pass']); $username = $_SESSION['username']; $sql = "SELECT COUNT(*) AS `total_found` FROM `members` WHERE `username`='$username' AND `password`='$old_pass' LIMIT 1;"; $result = mysql_query($sql) or die (mysql_error()); $row = mysql_fetch_assoc($result); $total_found = $row['total_found']; if (($total_found == 1) && ($new_pass1 == $new_pass2)){ $sql = "UPDATE `members` SET `password`='$new_pass1' WHERE `username`='$username';"; mysql_query($sql) or die (mysql_error()); header("location:./"); exit(); } else{ print "Error processing Password change. Please try again"; } } if ($_GET['change_pass_form'] == true && $_SESSION['is_valid'] == true){ ?> <form method="POST" action="?change_pass=true"> <table border="0"> <tr> <td>Old Password:</td> <td><input type="password" name="old_pass"></td> </tr> <tr> <td>New Password:</td> <td><input type="password" name="pass1"></td> </tr> <tr> <td>New Password(Again):</td> <td><input type="password" name="pass2"></td> </tr> <tr> <td>Â </td> <td><input type="submit" value="Submit"></td> </tr> </table> </form> <?php } else{ header("location:./"); exit(); } Â <?php error_reporting(E_ALL); $host="localhost"; // Host name $username="bucketho_****"; // Mysql username $password="*****"; // Mysql password $db_name="bucketho_****"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql) or die (mysql_error()); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "index.php" $_SESSION['username'] = $myusername; $_SESSION['is_valid'] = true; session_register("myusername"); session_register("mypassword"); header("location:index.php"); } else { header("location:login_failed.php"); } ?> Â Try those. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648181 Share on other sites More sharing options...
waynew Posted September 22, 2008 Share Posted September 22, 2008 Jesus Christ. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648186 Share on other sites More sharing options...
DamienRoche Posted September 22, 2008 Share Posted September 22, 2008 Anyone? Â You cheeky bastard! Do it yourself!! 10 pages of replies?? am I seeing this right? I haven't seen you say thank you once. Get over yourself and you might learn something. Â > > Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648190 Share on other sites More sharing options...
waynew Posted September 22, 2008 Share Posted September 22, 2008 I fixed the code seeing as you were nice to enough to show people your gratitude for their charity help: Â <?php //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer //Hire a freelancer ?> Â Should work. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648192 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 HAHAHA! REALLY FUNNY WAYNE Â um.... not? Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648196 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 Hey thanks for trying to fix it, it still wont work Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648202 Share on other sites More sharing options...
waynew Posted September 22, 2008 Share Posted September 22, 2008 Then use my code. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648203 Share on other sites More sharing options...
sith717 Posted September 22, 2008 Author Share Posted September 22, 2008 I did, all it said was an error saying that wayne fails at life. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648206 Share on other sites More sharing options...
waynew Posted September 22, 2008 Share Posted September 22, 2008 Great coming from a guy too cheap to hire a freelancer. Mr Success! Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648208 Share on other sites More sharing options...
peranha Posted September 22, 2008 Share Posted September 22, 2008 <?php session_start(); error_reporting(E_ALL); $host = "localhost"; // Host name $username = "bucketho_****"; // <-- Mysql username MAKE SURE THIS IS SET! $password = "*****"; // <-- Mysql password MAKE SURE THIS IS SET! $db_name = "bucketho_*****"; // <-- Database name CHANGE THIS TOO! $tbl_name = "members"; // Table name // Connect to server and select databse. mysql_connect($host, $username, $password)or die("cannot connect"); mysql_select_db($db_name)or die("cannot select DB"); if ($_GET['pass_change_form'] == true && $_SESSION['is_valid'] == true){ $new_pass1 = mysql_real_escape_string($_POST['pass1']); $new_pass2 = mysql_real_escape_string($_POST['pass2']); $old_pass = mysql_real_escape_string($_POST['old_pass']); $username = $_SESSION['username']; $sql = "SELECT COUNT(*) AS `total_found` FROM `members` WHERE `username`='$username' AND `password`='$old_pass' LIMIT 1;"; $result = mysql_query($sql) or die (mysql_error()); $row = mysql_fetch_assoc($result); $total_found = $row['total_found']; if (($total_found == 1) && ($new_pass1 == $new_pass2)){ $sql = "UPDATE `members` SET `password`='$new_pass1' WHERE `username`='$username';"; mysql_query($sql) or die (mysql_error()); header("location:./"); exit(); } else{ print "Error processing Password change. Please try again"; } } if ($_GET['pass_change_form'] == true && $_SESSION['is_valid'] == true){ ?> <form method="POST" action="?change_pass=true"> <table border="0"> <tr> <td>Old Password:</td> <td><input type="password" name="old_pass"></td> </tr> <tr> <td>New Password:</td> <td><input type="password" name="pass1"></td> </tr> <tr> <td>New Password(Again):</td> <td><input type="password" name="pass2"></td> </tr> <tr> <td>Â </td> <td><input type="submit" value="Submit"></td> </tr> </table> </form> <?php } else{ header("location:./"); exit(); } Â Try that, had some things mixed up. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648216 Share on other sites More sharing options...
Zane Posted September 22, 2008 Share Posted September 22, 2008 This thread is going nowhere..  Seriously, you've came and reported to use every single possible error there could be..one at a time. at this rate, this thread will go over 30 pages, which is really stupid for a small project like this   Like, everyone said..read a tutorial or hire a freelancer.. those are your BEST options. Link to comment https://forums.phpfreaks.com/topic/125341-solved-change-password/page/6/#findComment-648222 Share on other sites More sharing options...
Recommended Posts