Can't work out what's wrong with this?

adamjones · December 24, 2008

Hi. I'm making a form for users who have forgotten their password. Basically, they type in their username, and then 'checklost.php' puls their 'Secret Question' from the database. They fill in the answer, and if it matches with their chosen answer, they will then have the option to reset their password. Sounds pretty simple, but it won't work!!

Here is the main form;

<form name="form1" method="post" action="checklost.php">
					<fieldset>
						<!--[if !IE]>start row<![endif]-->
						<div class="row">
							<label>Username:</label>
							<span class="input_wrapper">
								<input class="text" name="user" type="text" />
							</span>
						</div>
						<!--[if !IE]>end row<![endif]-->
						<!--[if !IE]>start row<![endif]-->
						<!--[if !IE]>end row<![endif]-->
						<!--[if !IE]>start row<![endif]-->
						<!--[if !IE]>end row<![endif]-->
						<!--[if !IE]>start row<![endif]-->
							<div class="row">
								<div class="inputs small_inputs"> <span class="button gray_button unlock_button"><span><span><em>
								  <input name="apdiv" type="submit" />
							    Next Step</em></span></span></span> </div>
							</div>
							<!--[if !IE]>end row<![endif]-->
					</fieldset>
				</form>

And this is 'checklost.php';

<?php
ob_start();
$host="localhost";
$username="wowdream_hub";
$password="PASSWORD";
$db_name="wowdream_hub"; 
$tbl_name="members";

mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

$user=$_POST['user'];

$sql="SELECT * FROM $tbl_name WHERE username='$user'";
$result=mysql_query($sql);
$data=mysql_fetch_array($result);
$secretq= $data['serectq'];
$secrera= $data['secreta'];

$count=mysql_num_rows($result);

if($count==1){
session_register("user");
session_register("secretq");
session_register("secreta");

header("location:step2.php");
}
else {
header("location:error.php");
}

ob_end_flush();
?>

And this is where their secret question is echoed;

<?PHP 
session_start();
if(!session_is_registered(secretq)){
header("location:index.php");
}
?>
<form name="form1" method="post" action="checklost2.php">
					<fieldset>
						<!--[if !IE]>start row<![endif]-->
						<div class="row">
							<label><? echo $secretq ?>:</label>
							<span class="input_wrapper">
								<input class="text" name="user" type="text" />
							</span>
						</div>
						<!--[if !IE]>end row<![endif]-->
						<!--[if !IE]>start row<![endif]-->
						<!--[if !IE]>end row<![endif]-->
						<!--[if !IE]>start row<![endif]-->
						<!--[if !IE]>end row<![endif]-->
						<!--[if !IE]>start row<![endif]-->
							<div class="row">
								<div class="inputs small_inputs"> <span class="button gray_button unlock_button"><span><span><em>
								  <input name="apdiv" type="submit" />
							    Next Step</em></span></span></span> </div>
							</div>
							<!--[if !IE]>end row<![endif]-->
					</fieldset>
				</form>

Can anyone see my problem?

Cheers, Adam.

MadTechie · December 24, 2008

Well i could read all your code and try to work it out but.. it would be easier if you told us what you mean but

it won't work!!

adamjones · December 24, 2008

Well, it wont echo out '<?php echo $secretq?>'

And now, when I have just logged in, it doesn't echo out my username... Come to think of it, it's not echoing out anything?

revraz · December 24, 2008

Have you considered using session_start instead of session register?

gwydionwaters · December 24, 2008

what is it that is not working? is it something wrong with your string? i'm new to it all but if i were you my string would look like this

SELECT secretq.users, secreta.users FROM users WHERE user.users = $user

dvd420 · December 24, 2008

Hi,

Is there any error or warning message?? I don't know but It seems that the problem is with session.

gwydionwaters · December 24, 2008

i just noticed you have

<? echo $secretq ?>

you should have

<? echo $secretq; ?>

wildteen88 · December 24, 2008

Your code appears to be relying on register_globals in order to function correctly. registert_globals has long been depreciated and has been disabled by default for along time. It is now due to be removed as of PHP6

Also when handling settings avoid using functions such as session_register, session_is_registered etc. These are also depreciated. Instead you should use the $_SESSION superglobal variable instead, examples

file1.php

<?php
// start the session
session_start();

// create a session variable
$_SESSION['my_var'] = 'hello world';

?>
<a href="file2.php">Next</a>

file2.php

<?php
// start the session
session_start();

// check that our session variable 'my_var' exists
if(isset($_SESSION['my_var']))
{
    echo $_SESSION['my_var'];
}
else
{
    echo "the session variable 'my_var' does not exist!";
}

?>

revraz · December 24, 2008

You don't need a semi colon if its the last line of code.

i just noticed you have
<? echo $secretq ?>
you should have
<? echo $secretq; ?>

LemonInflux · December 24, 2008

You don't need a semi colon if its the last line of code.
i just noticed you have
<? echo $secretq ?>
you should have
<? echo $secretq; ?>

Really? I didn't know this. Clever

*gets back on topic*

What do the errors (from error reporting) say?

Sign In

Can't work out what's wrong with this?

Recommended Posts

adamjones

Link to comment

Share on other sites

MadTechie

Link to comment

Share on other sites

adamjones

Link to comment

Share on other sites

revraz

Link to comment

Share on other sites

gwydionwaters

Link to comment

Share on other sites

dvd420

Link to comment

Share on other sites

gwydionwaters

Link to comment

Share on other sites

wildteen88

Link to comment

Share on other sites

revraz

Link to comment

Share on other sites

LemonInflux

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information