Call-911 Posted May 6, 2009 Share Posted May 6, 2009 Hello All, I tried searching for an answer, but to no avail. Basically, my script works GREAT, except for one small part, the user can change the password to be blank. I have tried everything including the empty() and the if ='null' commands, but can't get anything to work. So I need the script to make sure that the $newpassword or the $confirmnewpassword variables are not blank before processing the request. Thanks!! <? // Start a session session_start(); // Sends the user to the login-page if not logged in if(!session_is_registered('member_ID')) : header('Location: index.php?msg=requires_login'); endif; include("dbinfo.inc.php"); mysql_connect(localhost,$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $user = $_SESSION["member_ID"]; $username = $_POST['$user']; $password = $_POST['password']; $newpassword = sha1($_POST['newpassword']); $confirmnewpassword = sha1($_POST['confirmnewpassword']); if($newpassword=$confirmnewpassword) $sql=mysql_query("UPDATE members SET user_password='$newpassword' where username='$user'"); if($sql) { echo "Your Password Has Been Changed."; } else { echo "The Passwords You Entered Do Not Match, Or You Have Not Entered A Password. Please Try Again."; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> </head> <body> <p><a href="members.shtml" title="Back">Back</a></p> </body> </html> Quote Link to comment Share on other sites More sharing options...
ratcateme Posted May 6, 2009 Share Posted May 6, 2009 what about this if($newpassword==$confirmnewpassword && trim($_POST['newpassword']) != '') also notice i change the = to a == Scott. Quote Link to comment Share on other sites More sharing options...
RussellReal Posted May 6, 2009 Share Posted May 6, 2009 try sumfin like this.. <? // Start a session session_start(); // Sends the user to the login-page if not logged in if (!session_is_registered('member_ID')) header('Location: index.php?msg=requires_login'); include("dbinfo.inc.php"); mysql_connect(localhost,$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $user = $_SESSION["member_ID"]; $username = $_POST[$user]; $password = $_POST['password']; $newpassword = sha1($_POST['newpassword']); $confirmnewpassword = sha1($_POST['confirmnewpassword']); if (($password) && ($_POST['newpassword']) && ($_POST['confirmnewpassword']) { if($newpassword=$confirmnewpassword) $sql=mysql_query("UPDATE members SET user_password='$newpassword' where username='$user'"); if($sql) { echo "Your Password Has Been Changed."; } else { echo "The Passwords You Entered Do Not Match, Or You Have Not Entered A Password. Please Try Again."; } } else { echo "All forms must be filled in.."; } ?> Quote Link to comment Share on other sites More sharing options...
Ken2k7 Posted May 6, 2009 Share Posted May 6, 2009 RussellReal, you have a syntax error there. if (($password) && ($_POST['newpassword']) && ($_POST['confirmnewpassword']) { You forgot to close a parenthesis. Quote Link to comment Share on other sites More sharing options...
RussellReal Posted May 6, 2009 Share Posted May 6, 2009 oo thanx, I wrote it in notepad, I usually write my code in notepad++ it highlights parenthesis ty tho Quote Link to comment Share on other sites More sharing options...
Call-911 Posted May 7, 2009 Author Share Posted May 7, 2009 what about this if($newpassword==$confirmnewpassword && trim($_POST['newpassword']) != '') also notice i change the = to a == Scott. Worked Perfectly Scott!! Thanks!! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.