Jump to content

Recommended Posts

I want to copy the data from login_table to loginbk_table by php at the end of the user.php file I thought of just putting a

include "loginbk.php"; 

which would contain the copy to loginbk_table MySQL code, so every time the user.php was ran the loginbk_table would be update with new data.

I tried exporting the data from MySQL to see the code, but it only showed updating of the one record. so I emptied the table and exported again to see code but the It didnt show any update information. I need it to update all data every time and add data if it doesnt exsist.

Link to comment
https://forums.phpfreaks.com/topic/146953-copy-data-from-one-table-to-another/
Share on other sites

cant you just insert that data into both tables in the same query? i.e. INSERT INTO table1, table2 .....

 

If you elaborate on what your trying to do u might get more response. Little difficult in understanding what your trying to achieve.

What I’ve got is a program to protect web pages AGTC-Membership system v1.1a and it has been a banded by the creators, no support or updates. There are some parts of it that aren’t quite finished one of those being forgot password area. If you forget your password it will send you another but it is random characters. There is no way for a user to create a new one for him self. It stores the password in the database as encrypted. So I'm looking for a way to have the user be able to pick a new password once he gets the random one sent from the forgot password deal.

You can read description Here scroll down a bit to it.

 

I'm not against using something else but this is the only thing I found that was simple enough to add to my site and encrypt only certain pages

 

Ahh right i see.

So you need for the user to be able to request a new password. Then log back in with this password, and then change the password?

 

First thing you obvoisly need is to check the username is valid and email, or just the email. If it returns that there is a user with this email, then you need to create random word, put this into there password part, and send to them in email.

They then get the email, when they use to log in you have to perform the hashing alogorithm to this password before you check it with the stored password in the database.

 

Lets say the password sent was 'abc123'. This gets hashed before its stored in the database so now looks like this '321abc'. The user enters 'abc123' into the form aswell as their username. You then need to hash this password. The hashed password now looks like '321abc' and now you can check that this is the same as the stored password. Once confirmed they can change the password to what they like once there in, and its a simple update.

 

Hope this is what you are asking...

this is the current forgot page code so how do I mod it

 

<?php
$msg = "";

if (isset($_POST['Submit']))
{
$useremail = $_POST['useremail'];
$result = mysql_query("Select * From login_table where user_email='$useremail'",$con);

if(mysql_num_rows($result)>0)
{
	$row = mysql_fetch_array($result, MYSQL_BOTH);
	if($useremail == $row["user_email"]) // CHECK TO SEE IF USER EMAIL IS REGISTERED
	{										// IF NOT, MESSAGE WILL TELL USER NOT REISTERED

		$msg = "Your password has been sent to your email address";		

// RANDOM PASSWORD GENERATOR FOR NEW PASS
function NewPass() {
$rnd = "abchefghjkmnpqrstuvwxyz0123456789";
srand((double)microtime()*1000000); 
$i = 0;
while ($i <= 7) {
    	$num = rand() % 33;
    	$tmp = substr($rnd, $num, 1);
    	$pass = $pass . $tmp;
    	$i++;}
return $pass;}
$rand_pass = NewPass(); // UN ENCRYPTED PASSWORD
$newpass = md5($rand_pass); // PASSWORD ENCRYPTION

// HERE MYSQL PREPARES TO UPDATE THE USERS RECORD CHANGING TO THE NEW ENCRYPTED PASSWORD	
	$username = $row["user_name"];
        $userpass = $newpass;
        $userlevel = $row["user_level"];
        $useremail = $row["user_email"];
	$userid = $row["userid"];
$result = mysql_query("Update login_table set user_name='$username', user_pass='$userpass', user_email='$useremail', user_level='$userlevel' where userid=".$userid);

// THIS PART SENDS USER A NEW PASSWORD
$email = $useremail;
$todayis = date("l, F j, Y, g:i a") ;
$subject = "Password Recovery";
$message = " 
From: $sendersName ($sendersEmail)\n
You have requested your Login information as below: \n\n
Username: $username\n
Password: $rand_pass\n
";
$from = "From: $sendersEmail";
if ($email != "") 
mail($email, $subject, $message, $from);
	}
	else
	{
		$msg = "The email address provided is not in our records";
	}
}
else
{
	$msg = "The email address provided is not in our records";
    }
}
mysql_close ($con);
?>

<!-- THIS IS THE REQUEST NEW PASSWORD FORM -->
<html>
<head>
<title>Password Recovery</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="style.css" rel="stylesheet" type="text/css">
</head>

<body bottommargin="20" bgcolor="#003366">

<form name="form1" method="post" action="">
  <h3 align="center">
<font size="1" face="Verdana, Arial, Helvetica, sans-serif" color="#FFFFFF">Please 
    enter your registered email address </font></h3>
  <p align="center"><?php echo "<font color='red'>$msg</font>" ?></p>
  <div align="center">
  <table class="table" width="60%" border="0" cellspacing="1" bordercolor="#000000" bgcolor="#FFFFFF">
    <tr bgcolor="#000000"> 
      <td colspan="2"><div align="center"><font color="#FC9801" size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>REQUEST NEW PASSWORD </strong></font></div></td>
    </tr>
    <tr> 
      <td><div align="right"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Please enter your email address:  </font></div></td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input name="useremail" type="text" id="useremail" width="200">
        </font></td>
    </tr>
    <tr> 
      <td><a href="http://www.agtc.co.uk" target="_blank"><font color="#ffffff">http://www.agtc.co.uk</font></a></td>
      <td><div align="center">
        <input type="submit" name="Submit" value="Request Password">
      </div></td>
    </tr>
  </table>
</div>
<p align="center" class="smallErrorText"><b><a href="login.php">
<font color="#FFFFFF">Login Here </font> </a></b></p>
</form>
</body>
</html>

On a first glance it appears that the script will work. What is not working with it?

 

Actually first possible problem is that the variable $con has not been set.

I dont generally use it like this, i use a different way.

 

Here is how I would do this part or your code:

Orginal code:

if (isset($_POST['Submit']))
{
   $useremail = $_POST['useremail'];
   $result = mysql_query("Select * From login_table where user_email='$useremail'",$con);

 

// THE FUNCTION CONNECT() IS THE CODE TO CONNECT TO YOUR DATABASE.
   function connect()
   {
      $user = 'user';
      $db = 'database_name';
      $password = 'password';
      $server = 'localhost';

      $result = new mysql($server, $user, $password, $db);
      if(!$result)
         throw new Exception('Error occured when trying to connect with database');

      else
         return $result;
    }

if (isset($_POST['Submit']))
{
   $useremail = $_POST['useremail'];

try
{
   $conn = connect();
   $result = $conn->query("Select * From login_table where user_email='$useremail'");
    //  ......everything else you require in here
  }
  catch(Exception $e)
  {
     echo $e->getMessage();
  }

 

 

 

 

tbh it looks like everything should work.

If you are not getting emails you should check that your virus protection is blocking port 3306 i believe. If you have error reporting switched on then share the errors here and we can try to sort it.

i see...

Well the user will have to log into his account using the given password.

Once the user has logged in he need to change his password then.

 

You check that the user is logged in.

The user enters the password he wants.

Validate the user entry (e.g. make sure its long enough, and maybe has a digit in it).

Check there is a user with the username, check the password given matches the password stored in the database.

If all this is correct then just update the password with the password they gave.

 

Do u need the code for this?

np. ok heres a basic shell, might want filling out slightly, such as validate their input which you deffinatly want to do.

I myself use PDO so I dont have to mess around with quotes etc and I also do regex checks on input.

 

Also you might want to change the $_SESSION['valid_user']; to what the session name is for the user.

 

<?php session_start();

  $old_password = $_POST['old'];
  $old_hash = md5($old_password);

  $new_password = $_POST['new'];
  $new_hash = md5($new_password);

  if(isset($_SESSION['valid_user'])
  {
    $user = $_SESSION['valid_user'];
  }
  else
  {
    echo '<p>You are not logged in.</p>';
    display_footer();
    exit;
  }

  $conn = connect();

  $result = $conn->query("SELECT user_pass FROM login_table WHERE user_name = '$user'")or die(mysql_error());
  $row = $result->fetch_Object();

  $original_password = $row->user_pass;

  if($original_password == $old_hash)
  {
    $result2 = $conn->query("INSERT INTO login_table (user_pass) VALUES ('$new_hash') WHERE user_name = '$user'")or die(mysql_error());
    
    if(!$result2)
    {
      echo '<p>New Password not entered into database</p>';
      display_footer();
      exit;
    }
    else
    {
      echo '<p>New Password Accepted</p>';
    }
  }
  else
  {
    echo '<p>The password entered doesnt match the password sent in the email</p>';
    display_footer();
    exit;
  }

?>

So do I replace the entier forgot.php with this?

Heres the login.php that vailadates I think

<?php
session_start();
include("config.php");

$msg = "";

if (isset($_POST['Submit']))
{

$username = $_POST['username'];
$password = md5($_POST[password]);

$result = mysql_query("Select * From login_table where user_name='$username'",$con);

if(mysql_num_rows($result)>0)
{
	$row = mysql_fetch_array($result, MYSQL_BOTH);
	if($password == $row["user_pass"])
	{

		$_SESSION['loginok'] = "ok";
		$_SESSION['username'] = "username";
		$_SESSION['password'] = "password";
		$_SESSION['level'] = $row["user_level"];


		header("Location: index.php");

	}
	else
	{
		$msg = "Password incorrect";
	}
}
else
{
	$msg = "Username incorrect";
    }

}

?>

<html>
<head>
<title>Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="style.css" rel="stylesheet" type="text/css">
</head>

<body bottommargin="20" bgcolor="#003366">
<form name="form1" method="post" action="">
  <h3 align="center">
<font size="1" face="Verdana, Arial, Helvetica, sans-serif" color="#FFFFFF">Please 
    enter your username and password to login</font></h3>
  <p align="center"><?php echo "<font color='red'>$msg</font>" ?></p>
  <div align="center">
  <table class="table" width="35%" border="0" cellspacing="1" bordercolor="#000000" bgcolor="#FFFFFF">
    <tr bgcolor="#000000"> 
      <td colspan="2"><div align="center"><font color="#FC9801" size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>LOGIN</strong></font></div></td>
    </tr>
    <tr> 
      <td><div align="right"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Username:  </font></div></td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input name="username" type="text" id="username" width="200">
        </font></td>
    </tr>
    <tr> 
      <td><div align="right"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Password:  </font></div></td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input name="password" type="password" id="password" width="200">
        </font></td>
    </tr>
    <tr> 
      <td><a href="http://www.agtc.co.uk" target="_blank"><font color="#ffffff">http://www.agtc.co.uk</font></a></td>
      <td><div align="center">
        <input type="submit" name="Submit" value="Submit">
      </div></td>
    </tr>
  </table>
</div>
<p align="center" class="smallErrorText"><a href="forgot.php"><b>
<font color="#FFFFFF">Forgot Password ?</font></b> </a></p>
</form>

</body>
</html>

 

No sorry I forgot to mention. That should be a complete new document. You will need to create a form for the user to fill in as well.

The form entries should include:

 

old password (this is the password that was emailed to them) set as value='old'.

new password (the password that they want to use) set as value='new'.

 

Also the $_SESSION['valid_user'] will need to be changed to $_SESSION['username'];

 

It may not work 100% because they have created other sessions and im not sure what your other documents will do with these values. It may check them against the database to confirm but i dont know. Best thing to do it to try it.

So you should have 5 documents.

 

they are:

 

Login.php

config.php

forgot_password.php (the original document you showed)

 

reset_password.php (the document I showed you)

reset_password_form.php (the form you need to create for the user to enter his new password, which sends to reset_password.php)

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.