libinaz Posted July 25, 2006 Share Posted July 25, 2006 Hi, I am trying to set up a reset password which isn't working.in all, it just refreshes. what code and where do I put it for debugging?forgot_password.php:[code]<?php if (isset($_POST['submit'])) { // Handle the form. require_once ('db_connect.php');if (empty($_POST['bill_email'])) {$billEmail = FALSE;echo '<p><font color="red" size="+1">You forgot to enter your email!</font></p>';} else {$billEmail = escape_data($_POST['bill_email']);}if (empty($_POST['secretquestion'])) {$squestion = FALSE;echo '<p><font color="red" size="+1">You forgot to select a secret question!</font></p>';} else {$squestion = escape_data($_POST['secretquestion']); }if (empty($_POST['secretanswer'])) {$sanswer = FALSE;echo '<p><font color="red" size="+1">You forgot to enter your secret answer!</font></p>';} else {$sanswer = escape_data($_POST['secretanswer']);}if ($billEmail && $squeston && $sanswer) { $query = "SELECT bill_email, secretquestion, secretanswer FROM users_tbl WHERE bill_email='$billEmail' AND secretquestion='$secretquestion' AND secretanswer='$secretanswer'"; $result = @mysql_query ($query);$row = mysql_fetch_array ($result, MYSQL_NUM); if ($row) {$billEmail = $row[0];$squestion = $row[1];$sanswer = $row[2];} else {echo '<p><font color="red" size="+1">The submitted user information does not match those on file!</font></p>';$billEmail = FALSE;} } if ($billEmail) { // Create a new, random password. $p = substr ( md5(uniqid(rand(),1)), 3, 10); // Make the query. $query = "UPDATE users_tbl SET passwd=PASSWORD('$p') WHERE bill_email=$billEMail"; $result = @mysql_query ($query); // Run the query. if (mysql_affected_rows() == 1) { // If it ran OK. // Send an email. $body = "Your password to log into NAACO has been temporarily changed to '$p'. Please log-in using your email and this password. At that time you may change your password to something more familiar."; mail ($email, 'Your temporary password.', $body, 'From: me@mysite.com'); echo '<h3>Your password has been changed. You will receive the new, temporary password at the email address with which you registered. Once you have logged in with this password, you may change it by clicking on the "Change Password" link.</h3>'; exit(); } else { // If it did not run OK. // Send a message to the error log, if desired. $message = '<p><font color="red" size="+1">Your password could not be changed due to a system error. We apologize for any inconvenience.</font></p>'; } mysql_close(); // Close the database connection. } else { // Failed the validation test. echo '<p><font color="red" size="+1">Please try again.</font></p>'; }} // End of the main Submit conditional.?>[/code]and then the html form in the body with the action:[code]<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">[/code]any help is appreciated. thanks Quote Link to comment Share on other sites More sharing options...
ryanlwh Posted July 25, 2006 Share Posted July 25, 2006 does it actually give you the error messages, or just refreshes and do nothing??anyway, there's an error in the update query. add single quotes around $billEmail. also, it's $billEmail, not $billEMail.[code]$query = "UPDATE users_tbl SET passwd=PASSWORD('$p') WHERE bill_email='$billEmail'";[/code]a good way to debug is to use mysql_error(). Quote Link to comment Share on other sites More sharing options...
libinaz Posted July 25, 2006 Author Share Posted July 25, 2006 Yes, the page just refreshes and shows the information posted. Where do I put the mysql_error()? I did change the billEMail and the quotes, it still just refreshes. Quote Link to comment Share on other sites More sharing options...
ryanlwh Posted July 26, 2006 Share Posted July 26, 2006 you should remove the @ signs before mysql_query.. you actually WANT to see the errors if it goes wrong. then add mysql_error() like this[code]$result = mysql_query($query) or die(mysql_error());[/code] Quote Link to comment Share on other sites More sharing options...
libinaz Posted July 26, 2006 Author Share Posted July 26, 2006 It still doesn't show any errors. It just refreshes. I removed the echo's in the form and now, when it refreshes, nothing is in the form.here is the full code:[code]<?php session_start();// Set the page title and include the HTML header.require_once ('db_fns.php'); // Connect to the database. $conn = db_connect(); if (!$conn) return 'Could not connect to database server - please try later.';if (isset($_POST['submit'])) { if (empty($_POST['bill_email'])) { $billEmail = FALSE; echo '<p><font color="red" size="+1">You forgot to enter your email!</font></p>'; } else { $billEmail = escape_data($_POST['bill_email']); } if (empty($_POST['secretquestion'])) { $squestion = FALSE; echo '<p><font color="red" size="+1">You forgot to select a secret question!</font></p>'; } else { $squestion = escape_data($_POST['secretquestion']); } if (empty($_POST['secretanswer'])) { $sanswer = FALSE; echo '<p><font color="red" size="+1">You forgot to enter your secret answer!</font></p>'; } else { $sanswer = escape_data($_POST['secretanswer']);}if ($billEmail && $squeston && $sanswer) { $query = "SELECT bill_email, secretquestion, secretanswer FROM users_tbl WHERE bill_email='$billEmail' AND secretquestion='$secretquestion' AND secretanswer='$secretanswer'"; $result = mysql_query ($query) or die(mysql_error()); $row = mysql_fetch_array ($result, MYSQL_NUM); if ($row) { $billEmail = $row[0]; $squestion = $row[1]; $sanswer = $row[2]; } else { echo '<p><font color="red" size="+1">The submitted user information does not match those on file!</font></p>'; $billEmail = FALSE; } } if ($billEmail) { // Create a new, random password. $p = substr ( md5(uniqid(rand(),1)), 3, 10); // Make the query. $query2 = "UPDATE users_tbl SET passwd=PASSWORD('$p') WHERE bill_email='$billEmail'"; $result2 = mysql_query ($query2) or die(mysql_error());; // Run the query. if (mysql_affected_rows() == 1) { // If it ran OK. // Send an email. $body = "Your password to log into NAACO has been temporarily changed to '$p'. Please log-in using your email and this password. At that time you may change your password to something more familiar."; mail ($email, 'Your temporary password.', $body, 'From: me@mysite.com'); echo '<h3>Your password has been changed. You will receive the new, temporary password at the email address with which you registered. Once you have logged in with this password, you may change it by clicking on the "Change Password" link.</h3>'; exit(); } else { // If it did not run OK. // Send a message to the error log, if desired. $message = '<p><font color="red" size="+1">Your password could not be changed due to a system error. We apologize for any inconvenience.</font></p>'; } mysql_close(); // Close the database connection. } else { // Failed the validation test. echo '<p><font color="red" size="+1">Please try again.</font></p>'; }} // End of the main Submit conditional.?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><title>Untitled Document</title><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><link href="userscss.css" rel="stylesheet" type="text/css"></head><body><table width="512" border="0" cellpadding="6" cellspacing="0" bgcolor="#FFFFFF"> <tr> <td><form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <table width="500" cellpadding=2 cellspacing=0 bgcolor="#FFFFFF"> <tr> <td colspan="2" class="bodytext"><span class="header">NAACO Password Retrieval</span><br> <span class="membertext">If you have forgotten your password, please enter your username, your secret question and your secret answer. Your password will be sent to your email address.</span></td> </tr> <tr> <td width="35%" class="bodytext"> </td> <td width="65%"> </td> </tr> <tr class="membertext"> <td class="bodytext">Enter your username (eMail address)</td> <td> <input name="bill_email" type="text" class="bodytext" size="30"> </td> </tr> <tr class="membertext"> <td> </td> <td> </td> </tr> <tr class="membertext"> <td class="bodytext">What was your secret question (select)</td> <td> <select name="secretquestion" size="1" class="bodytext" id="select4" tabindex="30"> <option value="" selected>Select one</option> <option value="What is your favorite color">What is your favorite color</option> <option value="What is your favorite sport">What is your favorite sport</option> <option value="What is your mothers maiden name">What is your mothers maiden name</option> </select> </td> </tr> <tr class="membertext"> <td> </td> <td> </td> </tr> <tr class="membertext"> <td class="bodytext">What is the answer to your secret question</td> <td><input name="secretanswer" type="text" class="bodytext" size="30"> </td> </tr> <tr class="membertext"> <td> </td> <td> </td> </tr> <tr align="left" class="membertext"> <td colspan=2><input type="submit" name="Submit" value="Submit"></td> </tr> </table> </form></td> </tr></table></body></html>[/code] Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.