Jump to content

[SOLVED] Change Password

sith717

By sith717
in PHP Coding Help

 Share

Recommended Posts

  • Replies 150
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

sith717 Member

sith717

Posted
  • Author
Posted

On the checklogin.php page change

 

$_SESSION['is_valid'] = true;

 

to

 

$_SESSION['is_valid'] = "true";

 

and try that.

 

Ok so:

 

session_start();
echo $_SESSION['is_valid'];
exit();

 

to

 

session_start();
echo $_SESSION['is_valid'] = "true";
exit();

Link to comment
Share on other sites
genericnumber1 Member

genericnumber1

Posted
Posted

I have no idea how to code php thats why I am needing TONS of help.

then start at the beginning..

http://hudzilla.org/phpwiki/index.php?title=Introducing_PHP

http://gr2.php.net/tut.php

 

If you want us to program for you please "Don't ask someone to write or re-write a script for you, unless you are posting a message to the Freelancing Forum. The forums are not the place to request XYZ script. This is a community of people learning PHP, and not a script location service. Try searching SourceForge, PHP Classes, HotScripts, or Google."

 

I'll stop posting in this thread now it's just really annoying to see

Link to comment
Share on other sites
peranha Regular Member

peranha

Posted
Posted

no, on your check login page, you set $_SESSION['is_valid'] = true; if the user is logged in.

 

right here

 

// Register $myusername, $mypassword and redirect to file "index.php"
$_SESSION['username'] = $myusername;
$_SESSION['is_valid'] = true;
session_register("myusername");
session_register("mypassword");

 

change it there

Link to comment
Share on other sites
sith717 Member

sith717

Posted
  • Author
Posted

This is what I have for now.

 

If you can be nice enough to add in the codes in the correct spots would be great.

<?php
session_start();
$_SESSION['is_valid'] = "true";
exit();
$host = "localhost"; // Host name
$username = "bucketho_****"; // <-- Mysql username MAKE SURE THIS IS SET!
$password = "*****"; // <-- Mysql password MAKE SURE THIS IS SET!
$db_name = "bucketho_*****"; // <-- Database name CHANGE THIS TOO!
$tbl_name = "members"; // Table name
// Connect to server and select databse.
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");

if ($_GET['change_pass'] == true && $_SESSION['is_valid'] == true){
$new_pass1 = mysql_real_escape_string($_POST['pass1']);
$new_pass2 = mysql_real_escape_string($_POST['pass2']);
$old_pass = mysql_real_escape_string($_POST['old_pass']);
$username = $_SESSION['username'];
$sql = "SELECT COUNT(*) AS `total_found` FROM `members` WHERE `username`='$username' AND `password`='$old_pass' LIMIT 1;";
$result = mysql_query($sql);
$row = mysql_fetch_assoc($result);
$total_found = $row['total_found'];
if (($total_found == 1) && ($new_pass1 == $new_pass2)){
	$sql = "UPDATE `members` SET `password`='$new_pass1' WHERE `username`='$username';";
	mysql_query($sql);
	header("location:./");
	exit();
}
else{
	print "Error processing Password change. Please try again";
}
}
if ($_GET['pass_change_form'] == true && $_SESSION['is_valid'] == true){
?>
<form method="POST" action="?change_pass=true">
	<table border="0">
		<tr>
			<td>Old Password:</td>
			<td><input type="password" name="old_pass"></td>
		</tr>
		<tr>
			<td>New Password:</td>
			<td><input type="password" name="pass1"></td>
		</tr>
		<tr>
			<td>New Password(Again):</td>
			<td><input type="password" name="pass2"></td>
		</tr>
		<tr>
			<td> </td>
			<td><input type="submit" value="Submit"></td>
		</tr>
	</table>
</form>
<?php
}
else{
header("location:./");
exit();
}

Link to comment
Share on other sites
peranha Regular Member

peranha

Posted
Posted 

<?php
$host="localhost"; // Host name
$username="bucketho_****"; // Mysql username
$password="*****"; // Mysql password
$db_name="bucketho_****"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "index.php"
$_SESSION['username'] = $myusername;
$_SESSION['is_valid'] = "true";
session_register("myusername");
session_register("mypassword");


header("location:index.php");
}

else {

header("location:login_failed.php");
}
?>

 

<?php
session_start();
echo $_SESSION['is_valid'];
exit();
$host = "localhost"; // Host name
$username = "bucketho_****"; // <-- Mysql username MAKE SURE THIS IS SET!
$password = "*****"; // <-- Mysql password MAKE SURE THIS IS SET!
$db_name = "bucketho_*****"; // <-- Database name CHANGE THIS TOO!
$tbl_name = "members"; // Table name
// Connect to server and select databse.
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");

if ($_GET['change_pass'] == true && $_SESSION['is_valid'] == true){
$new_pass1 = mysql_real_escape_string($_POST['pass1']);
$new_pass2 = mysql_real_escape_string($_POST['pass2']);
$old_pass = mysql_real_escape_string($_POST['old_pass']);
$username = $_SESSION['username'];
$sql = "SELECT COUNT(*) AS `total_found` FROM `members` WHERE `username`='$username' AND `password`='$old_pass' LIMIT 1;";
$result = mysql_query($sql);
$row = mysql_fetch_assoc($result);
$total_found = $row['total_found'];
if (($total_found == 1) && ($new_pass1 == $new_pass2)){
	$sql = "UPDATE `members` SET `password`='$new_pass1' WHERE `username`='$username';";
	mysql_query($sql);
	header("location:./");
	exit();
}
else{
	print "Error processing Password change. Please try again";
}
}
if ($_GET['pass_change_form'] == true && $_SESSION['is_valid'] == true){
?>
<form method="POST" action="?change_pass=true">
	<table border="0">
		<tr>
			<td>Old Password:</td>
			<td><input type="password" name="old_pass"></td>
		</tr>
		<tr>
			<td>New Password:</td>
			<td><input type="password" name="pass1"></td>
		</tr>
		<tr>
			<td>New Password(Again):</td>
			<td><input type="password" name="pass2"></td>
		</tr>
		<tr>
			<td> </td>
			<td><input type="submit" value="Submit"></td>
		</tr>
	</table>
</form>
<?php
}
else{
header("location:./");
exit();
}

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.