Jump to content

[SOLVED] Change Password


sith717

Recommended Posts

  • Replies 150
  • Created
  • Last Reply

On the checklogin.php page change

 

$_SESSION['is_valid'] = true;

 

to

 

$_SESSION['is_valid'] = "true";

 

and try that.

 

Ok so:

 

session_start();
echo $_SESSION['is_valid'];
exit();

 

to

 

session_start();
echo $_SESSION['is_valid'] = "true";
exit();

Link to comment
Share on other sites

I have no idea how to code php thats why I am needing TONS of help.

then start at the beginning..

http://hudzilla.org/phpwiki/index.php?title=Introducing_PHP

http://gr2.php.net/tut.php

 

If you want us to program for you please "Don't ask someone to write or re-write a script for you, unless you are posting a message to the Freelancing Forum. The forums are not the place to request XYZ script. This is a community of people learning PHP, and not a script location service. Try searching SourceForge, PHP Classes, HotScripts, or Google."

 

I'll stop posting in this thread now it's just really annoying to see

Link to comment
Share on other sites

no, on your check login page, you set $_SESSION['is_valid'] = true; if the user is logged in.

 

right here

 

// Register $myusername, $mypassword and redirect to file "index.php"
$_SESSION['username'] = $myusername;
$_SESSION['is_valid'] = true;
session_register("myusername");
session_register("mypassword");

 

change it there

Link to comment
Share on other sites

This is what I have for now.

 

If you can be nice enough to add in the codes in the correct spots would be great.

<?php
session_start();
$_SESSION['is_valid'] = "true";
exit();
$host = "localhost"; // Host name
$username = "bucketho_****"; // <-- Mysql username MAKE SURE THIS IS SET!
$password = "*****"; // <-- Mysql password MAKE SURE THIS IS SET!
$db_name = "bucketho_*****"; // <-- Database name CHANGE THIS TOO!
$tbl_name = "members"; // Table name
// Connect to server and select databse.
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");

if ($_GET['change_pass'] == true && $_SESSION['is_valid'] == true){
$new_pass1 = mysql_real_escape_string($_POST['pass1']);
$new_pass2 = mysql_real_escape_string($_POST['pass2']);
$old_pass = mysql_real_escape_string($_POST['old_pass']);
$username = $_SESSION['username'];
$sql = "SELECT COUNT(*) AS `total_found` FROM `members` WHERE `username`='$username' AND `password`='$old_pass' LIMIT 1;";
$result = mysql_query($sql);
$row = mysql_fetch_assoc($result);
$total_found = $row['total_found'];
if (($total_found == 1) && ($new_pass1 == $new_pass2)){
	$sql = "UPDATE `members` SET `password`='$new_pass1' WHERE `username`='$username';";
	mysql_query($sql);
	header("location:./");
	exit();
}
else{
	print "Error processing Password change. Please try again";
}
}
if ($_GET['pass_change_form'] == true && $_SESSION['is_valid'] == true){
?>
<form method="POST" action="?change_pass=true">
	<table border="0">
		<tr>
			<td>Old Password:</td>
			<td><input type="password" name="old_pass"></td>
		</tr>
		<tr>
			<td>New Password:</td>
			<td><input type="password" name="pass1"></td>
		</tr>
		<tr>
			<td>New Password(Again):</td>
			<td><input type="password" name="pass2"></td>
		</tr>
		<tr>
			<td> </td>
			<td><input type="submit" value="Submit"></td>
		</tr>
	</table>
</form>
<?php
}
else{
header("location:./");
exit();
}

Link to comment
Share on other sites

<?php
$host="localhost"; // Host name
$username="bucketho_****"; // Mysql username
$password="*****"; // Mysql password
$db_name="bucketho_****"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "index.php"
$_SESSION['username'] = $myusername;
$_SESSION['is_valid'] = "true";
session_register("myusername");
session_register("mypassword");


header("location:index.php");
}

else {

header("location:login_failed.php");
}
?>

 

<?php
session_start();
echo $_SESSION['is_valid'];
exit();
$host = "localhost"; // Host name
$username = "bucketho_****"; // <-- Mysql username MAKE SURE THIS IS SET!
$password = "*****"; // <-- Mysql password MAKE SURE THIS IS SET!
$db_name = "bucketho_*****"; // <-- Database name CHANGE THIS TOO!
$tbl_name = "members"; // Table name
// Connect to server and select databse.
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");

if ($_GET['change_pass'] == true && $_SESSION['is_valid'] == true){
$new_pass1 = mysql_real_escape_string($_POST['pass1']);
$new_pass2 = mysql_real_escape_string($_POST['pass2']);
$old_pass = mysql_real_escape_string($_POST['old_pass']);
$username = $_SESSION['username'];
$sql = "SELECT COUNT(*) AS `total_found` FROM `members` WHERE `username`='$username' AND `password`='$old_pass' LIMIT 1;";
$result = mysql_query($sql);
$row = mysql_fetch_assoc($result);
$total_found = $row['total_found'];
if (($total_found == 1) && ($new_pass1 == $new_pass2)){
	$sql = "UPDATE `members` SET `password`='$new_pass1' WHERE `username`='$username';";
	mysql_query($sql);
	header("location:./");
	exit();
}
else{
	print "Error processing Password change. Please try again";
}
}
if ($_GET['pass_change_form'] == true && $_SESSION['is_valid'] == true){
?>
<form method="POST" action="?change_pass=true">
	<table border="0">
		<tr>
			<td>Old Password:</td>
			<td><input type="password" name="old_pass"></td>
		</tr>
		<tr>
			<td>New Password:</td>
			<td><input type="password" name="pass1"></td>
		</tr>
		<tr>
			<td>New Password(Again):</td>
			<td><input type="password" name="pass2"></td>
		</tr>
		<tr>
			<td> </td>
			<td><input type="submit" value="Submit"></td>
		</tr>
	</table>
</form>
<?php
}
else{
header("location:./");
exit();
}

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Guest
This topic is now closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.