adamjones Posted December 24, 2008 Share Posted December 24, 2008 Hi. I'm making a form for users who have forgotten their password. Basically, they type in their username, and then 'checklost.php' puls their 'Secret Question' from the database. They fill in the answer, and if it matches with their chosen answer, they will then have the option to reset their password. Sounds pretty simple, but it won't work!! Here is the main form; <form name="form1" method="post" action="checklost.php"> <fieldset> <!--[if !IE]>start row<![endif]--> <div class="row"> <label>Username:</label> <span class="input_wrapper"> <input class="text" name="user" type="text" /> </span> </div> <!--[if !IE]>end row<![endif]--> <!--[if !IE]>start row<![endif]--> <!--[if !IE]>end row<![endif]--> <!--[if !IE]>start row<![endif]--> <!--[if !IE]>end row<![endif]--> <!--[if !IE]>start row<![endif]--> <div class="row"> <div class="inputs small_inputs"> <span class="button gray_button unlock_button"><span><span><em> <input name="apdiv" type="submit" /> Next Step</em></span></span></span> </div> </div> <!--[if !IE]>end row<![endif]--> </fieldset> </form> And this is 'checklost.php'; <?php ob_start(); $host="localhost"; $username="wowdream_hub"; $password="PASSWORD"; $db_name="wowdream_hub"; $tbl_name="members"; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $user=$_POST['user']; $sql="SELECT * FROM $tbl_name WHERE username='$user'"; $result=mysql_query($sql); $data=mysql_fetch_array($result); $secretq= $data['serectq']; $secrera= $data['secreta']; $count=mysql_num_rows($result); if($count==1){ session_register("user"); session_register("secretq"); session_register("secreta"); header("location:step2.php"); } else { header("location:error.php"); } ob_end_flush(); ?> And this is where their secret question is echoed; <?PHP session_start(); if(!session_is_registered(secretq)){ header("location:index.php"); } ?> <form name="form1" method="post" action="checklost2.php"> <fieldset> <!--[if !IE]>start row<![endif]--> <div class="row"> <label><? echo $secretq ?>:</label> <span class="input_wrapper"> <input class="text" name="user" type="text" /> </span> </div> <!--[if !IE]>end row<![endif]--> <!--[if !IE]>start row<![endif]--> <!--[if !IE]>end row<![endif]--> <!--[if !IE]>start row<![endif]--> <!--[if !IE]>end row<![endif]--> <!--[if !IE]>start row<![endif]--> <div class="row"> <div class="inputs small_inputs"> <span class="button gray_button unlock_button"><span><span><em> <input name="apdiv" type="submit" /> Next Step</em></span></span></span> </div> </div> <!--[if !IE]>end row<![endif]--> </fieldset> </form> Can anyone see my problem? Cheers, Adam. Quote Link to comment Share on other sites More sharing options...
MadTechie Posted December 24, 2008 Share Posted December 24, 2008 Well i could read all your code and try to work it out but.. it would be easier if you told us what you mean but it won't work!! Quote Link to comment Share on other sites More sharing options...
adamjones Posted December 24, 2008 Author Share Posted December 24, 2008 Well, it wont echo out '<?php echo $secretq?>' And now, when I have just logged in, it doesn't echo out my username... Come to think of it, it's not echoing out anything? Quote Link to comment Share on other sites More sharing options...
revraz Posted December 24, 2008 Share Posted December 24, 2008 Have you considered using session_start instead of session register? Quote Link to comment Share on other sites More sharing options...
gwydionwaters Posted December 24, 2008 Share Posted December 24, 2008 what is it that is not working? is it something wrong with your string? i'm new to it all but if i were you my string would look like this SELECT secretq.users, secreta.users FROM users WHERE user.users = $user Quote Link to comment Share on other sites More sharing options...
dvd420 Posted December 24, 2008 Share Posted December 24, 2008 Hi, Is there any error or warning message?? I don't know but It seems that the problem is with session. Quote Link to comment Share on other sites More sharing options...
gwydionwaters Posted December 24, 2008 Share Posted December 24, 2008 i just noticed you have <? echo $secretq ?> you should have <? echo $secretq; ?> Quote Link to comment Share on other sites More sharing options...
wildteen88 Posted December 24, 2008 Share Posted December 24, 2008 Your code appears to be relying on register_globals in order to function correctly. registert_globals has long been depreciated and has been disabled by default for along time. It is now due to be removed as of PHP6 Also when handling settings avoid using functions such as session_register, session_is_registered etc. These are also depreciated. Instead you should use the $_SESSION superglobal variable instead, examples file1.php <?php // start the session session_start(); // create a session variable $_SESSION['my_var'] = 'hello world'; ?> <a href="file2.php">Next</a> file2.php <?php // start the session session_start(); // check that our session variable 'my_var' exists if(isset($_SESSION['my_var'])) { echo $_SESSION['my_var']; } else { echo "the session variable 'my_var' does not exist!"; } ?> Quote Link to comment Share on other sites More sharing options...
revraz Posted December 24, 2008 Share Posted December 24, 2008 You don't need a semi colon if its the last line of code. i just noticed you have <? echo $secretq ?> you should have <? echo $secretq; ?> Quote Link to comment Share on other sites More sharing options...
LemonInflux Posted December 24, 2008 Share Posted December 24, 2008 You don't need a semi colon if its the last line of code. i just noticed you have <? echo $secretq ?> you should have <? echo $secretq; ?> Really? I didn't know this. Clever *gets back on topic* What do the errors (from error reporting) say? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.