Jump to content

Archived

This topic is now archived and is closed to further replies.

xyn

Small but big problem..

Recommended Posts

Hi,
I'm having a problem with my Update Password code, I'm not getting any errors. I've used: die(mysql_error()); and I've tried echoing all the variables involved and they're all being called back correctly. And when I try saving the new pass over the old one it will not save to the database. I'm baffled.

My code...
[code=php:0]<?PHP include("Session.php"); ?>
<html>

<head>
<meta http-equiv="Content-Language" content="en-gb">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>SAVING PASS</title>
</head>
<?PHP
include("db.php");
$sql = mysql_query("SELECT * FROM accounts WHERE user='{$_SESSION['user']['user']}'");
while( $bbb = @mysql_fetch_row($sql)){
$usrnam = $bbb[1];
}

?>
<body bgcolor="54A800">
<?PHP
$pas1 = $_POST['oldpass'];
$pas2 = $_POST['newpass'];
$pas3 = $_POST['confirm'];

if($pas1 == NULL){
die('ERROR');
} elseif($pas2 == NULL){
die('error');
} elseif($pas3 == NULL){
die('ERROR');
}

if($pas2 != $pas3){
die('ERROR');
}

include("db.php");
$result = mysql_query("SELECT * FROM accounts WHERE user='$usrnam'");
while($data = mysql_fetch_row($result)){
$pword = $data[2];
$usr_mail = $data[4];

if(md5($pas1) != $pword){
die('ERROR');
}
}

include "db.php";
$db = mysql_connect("localhost", $login, $pwd) or die(mysql_error());
mysql_select_db("zroxxco_members") or die(mysql_error());
$query4 = "UPDATE accounts SET pass='".md5($_POST['newpass'])."' WHERE user='.strtolower($usrnam).'" or die(mysql_error());
mysql_query($query4, $db) or die(mysql_error());

include("db.php");
$date = date("d.m.y");
$time = date("g:ia");
$db = mysql_connect("localhost", $login, $pwd) or die(mysql_error());
mysql_select_db("zroxxco_members") or die(mysql_error());
$spm = "INSERT INTO pm (sendto, sendfrom, subject, msg, date, time, stats, icon) VALUES ('".strtolower($usrnam)."',
'<font color=orange>Admin</font>',
'Password updated.',
'Dear $usrnam,
Your password has been successfully changed to your new password which has been e-mailed to you. We cannot attach it to this private Message because as part of our Privacy Policy. By attaching personal information through PM we would be breaching our Privacy Policy',
'$date',
'$time',
'0',
'<img src=images/new.jpg>')" or die(mysql_error());
$result = mysql_query($spm, $db) or die(mysql_error());

$msubject="Comfirming your new password";
$mto="$usr_mail";
$mfrom="No-Reply@zroxx.com";
$mmsg="TO: $mto,
FROM: $mfrom,
SENT: $date at $time.
SUBJECT: $msubject.

Dear $usrnam,
We are sending this e-mail to let you know your account password was changed, Incase you did not make this change we have attached your new password below.
New Pass: $pas2.

Best regards.
Zroxx Management.";

mail($mto, $msubject, $mmsg, "From: $mfrom");

echo 'UPDATED MESSAGE SENT';

?>
</body>

</html>[/code]

Share this post


Link to post
Share on other sites
Not sure but this might be causing it:
[code]
nclude "db.php";
$db = mysql_connect("localhost", $login, $pwd) or die(mysql_error());
mysql_select_db("zroxxco_members") or die(mysql_error());
$query4 = "UPDATE accounts SET pass='".md5($_POST['newpass'])."' WHERE user='.strtolower($usrnam).'" or die(mysql_error());
mysql_query($query4, $db) or die(mysql_error());
[/code]

Change your query to look like this:
[code]
<?php
$query4 = "UPDATE accounts SET pass='".md5($_POST['newpass'])."' WHERE user='".strtolower($usrnam)."'";
$query = mysql_query($query4) or die("MySQL Error: <br /> {$query4} <br /> ". mysql_error());
?>
[/code]
If that still does not fix it.  When I have troubles with updating/inserting etc, before I do the actual query I will echo the query string.  After I confirm it looks right then I uncomment my mysql_query() line.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.