Jump to content

password reset need debugged...how do I do that?


libinaz

Recommended Posts

Hi, I am trying to set up a reset password which isn't working.

in all, it just refreshes. what code and where do I put it for debugging?

forgot_password.php:
[code]
<?php
if (isset($_POST['submit'])) { // Handle the form.
require_once ('db_connect.php');

if (empty($_POST['bill_email'])) {
$billEmail = FALSE;
echo '<p><font color="red" size="+1">You forgot to enter your email!</font></p>';
} else {
$billEmail = escape_data($_POST['bill_email']);
}

if (empty($_POST['secretquestion'])) {
$squestion = FALSE;
echo '<p><font color="red" size="+1">You forgot to select a secret question!</font></p>';
} else {
$squestion = escape_data($_POST['secretquestion']);
}

if (empty($_POST['secretanswer'])) {
$sanswer = FALSE;
echo '<p><font color="red" size="+1">You forgot to enter your secret answer!</font></p>';
} else {
$sanswer = escape_data($_POST['secretanswer']);

}

if ($billEmail && $squeston && $sanswer) {

$query = "SELECT bill_email, secretquestion, secretanswer FROM users_tbl
WHERE bill_email='$billEmail' AND secretquestion='$secretquestion' AND secretanswer='$secretanswer'";
$result = @mysql_query ($query);
$row = mysql_fetch_array ($result, MYSQL_NUM);
if ($row) {
$billEmail = $row[0];
$squestion = $row[1];
$sanswer = $row[2];
} else {
echo '<p><font color="red" size="+1">The submitted user information does not match
those on file!</font></p>';
$billEmail = FALSE;
}

}

if ($billEmail) {

// Create a new, random password.
$p = substr ( md5(uniqid(rand(),1)), 3, 10);

// Make the query.
$query = "UPDATE users_tbl SET passwd=PASSWORD('$p') WHERE bill_email=$billEMail";
$result = @mysql_query ($query); // Run the query.
if (mysql_affected_rows() == 1) { // If it ran OK.

// Send an email.
$body = "Your password to log into NAACO has been temporarily changed to '$p'.
Please log-in using your email and this password. At that time you may change
your password to something more familiar.";
mail ($email, 'Your temporary password.', $body, 'From: me@mysite.com');
echo '<h3>Your password has been changed. You will receive the new,
temporary password at the email address with which you registered. Once you
have logged in with this password, you may change it by clicking on the
"Change Password" link.</h3>';

exit();

} else { // If it did not run OK.

// Send a message to the error log, if desired.
$message = '<p><font color="red" size="+1">Your password could not be
changed due to a system error. We apologize for any inconvenience.</font></p>';

}
mysql_close(); // Close the database connection.

} else { // Failed the validation test.
echo '<p><font color="red" size="+1">Please try again.</font></p>';
}

} // End of the main Submit conditional.

?>
[/code]

and then the html form in the body with the action:
[code]
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">[/code]

any help is appreciated. thanks
Link to comment
Share on other sites

does it actually give you the error messages, or just refreshes and do nothing??

anyway, there's an error in the update query. add single quotes around $billEmail. also, it's $billEmail, not $billEMail.
[code]$query = "UPDATE users_tbl SET passwd=PASSWORD('$p') WHERE bill_email='$billEmail'";[/code]

a good way to debug is to use mysql_error().
Link to comment
Share on other sites

It still doesn't show any errors. It just refreshes. I removed the echo's in the form and now, when it refreshes, nothing is in the form.

here is the full code:
[code]
<?php
session_start();
// Set the page title and include the HTML header.
require_once ('db_fns.php'); // Connect to the database.
$conn = db_connect();
  if (!$conn)
    return 'Could not connect to database server - please try later.';

if (isset($_POST['submit'])) {

if (empty($_POST['bill_email'])) {
$billEmail = FALSE;
echo '<p><font color="red" size="+1">You forgot to enter your email!</font></p>';
} else {
$billEmail = escape_data($_POST['bill_email']);
}
if (empty($_POST['secretquestion'])) {
$squestion = FALSE;
echo '<p><font color="red" size="+1">You forgot to select a secret question!</font></p>';
} else {
$squestion = escape_data($_POST['secretquestion']);
}
if (empty($_POST['secretanswer'])) {
$sanswer = FALSE;
echo '<p><font color="red" size="+1">You forgot to enter your secret answer!</font></p>';
} else {
$sanswer = escape_data($_POST['secretanswer']);
}

if ($billEmail && $squeston && $sanswer) {

$query = "SELECT bill_email, secretquestion, secretanswer FROM users_tbl WHERE bill_email='$billEmail' AND secretquestion='$secretquestion' AND secretanswer='$secretanswer'";
$result = mysql_query ($query) or die(mysql_error());
$row = mysql_fetch_array ($result, MYSQL_NUM);
if ($row) {
$billEmail = $row[0];
$squestion = $row[1];
$sanswer = $row[2];
} else {
echo '<p><font color="red" size="+1">The submitted user information does not match those on file!</font></p>';
$billEmail = FALSE;
}

}

if ($billEmail) {

// Create a new, random password.
$p = substr ( md5(uniqid(rand(),1)), 3, 10);

// Make the query.
$query2 = "UPDATE users_tbl SET passwd=PASSWORD('$p') WHERE bill_email='$billEmail'";
$result2 = mysql_query ($query2)  or die(mysql_error());; // Run the query.
if (mysql_affected_rows() == 1) { // If it ran OK.

// Send an email.
$body = "Your password to log into NAACO has been temporarily changed to '$p'. Please log-in using your email and this password. At that time you may change your password to something more familiar.";
mail ($email, 'Your temporary password.', $body, 'From: me@mysite.com');
echo '<h3>Your password has been changed. You will receive the new, temporary password at the email address with which you registered. Once you have logged in with this password, you may change it by clicking on the "Change Password" link.</h3>';

exit();

} else { // If it did not run OK.

// Send a message to the error log, if desired.
$message = '<p><font color="red" size="+1">Your password could not be changed due to a system error. We apologize for any inconvenience.</font></p>';

}
mysql_close(); // Close the database connection.

} else { // Failed the validation test.
echo '<p><font color="red" size="+1">Please try again.</font></p>';
}

} // End of the main Submit conditional.

?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="userscss.css" rel="stylesheet" type="text/css">
</head>

<body>
<table width="512" border="0" cellpadding="6" cellspacing="0" bgcolor="#FFFFFF">
  <tr>
    <td><form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
      <table width="500" cellpadding=2 cellspacing=0 bgcolor="#FFFFFF">
        <tr>
          <td colspan="2" class="bodytext"><span class="header">NAACO Password
              Retrieval</span><br>
                  <span class="membertext">If you have forgotten your password,
                  please enter your username, your secret question and your secret
                  answer. Your password will be sent to your email address.</span></td>
        </tr>
        <tr>
          <td width="35%" class="bodytext">&nbsp;</td>
          <td width="65%">&nbsp;</td>
        </tr>
        <tr class="membertext">
          <td class="bodytext">Enter your username (eMail address)</td>
          <td>
            <input name="bill_email" type="text" class="bodytext" size="30">
          </td>
        </tr>
        <tr class="membertext">
          <td>&nbsp;</td>
          <td>&nbsp;</td>
        </tr>
        <tr class="membertext">
          <td class="bodytext">What was your secret question (select)</td>
          <td>
            <select name="secretquestion" size="1" class="bodytext" id="select4" tabindex="30">
              <option value="" selected>Select one</option>
              <option value="What is your favorite color">What is your favorite
              color</option>
              <option value="What is your favorite sport">What is your favorite
              sport</option>
              <option value="What is your mothers maiden name">What is your mothers
              maiden name</option>
            </select>
          </td>
        </tr>
        <tr class="membertext">
          <td>&nbsp;</td>
          <td>&nbsp;</td>
        </tr>
        <tr class="membertext">
          <td class="bodytext">What is the answer to your secret question</td>
          <td><input name="secretanswer" type="text" class="bodytext" size="30">
          </td>
        </tr>
        <tr class="membertext">
          <td>&nbsp;</td>
          <td>&nbsp;</td>
        </tr>
        <tr align="left" class="membertext">
          <td colspan=2><input type="submit" name="Submit" value="Submit">
</td>
        </tr>
      </table>
    </form></td>
  </tr>
</table>
</body>
</html>

[/code]
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.