I need help with a php login and register script

[darkownzinc]

Specifically the change password part. I have made it so that your password cannot be over 32 characters or less than 6 characters. If you enter a new password that meets this criteria it still says the new password does not meet the criteria.

 

There is the code i would appreciate any help that i can get. Please and thank you.

 

<?php

 

session_start();

 

$user = $_SESSION['username'];

 

if ($user)

{

if ($_POST['submit'])

{

$oldpassword = strtolower(md5($_POST['oldpassword']));

$newpassword = strtolower(md5($_POST['newpassword']));

$repeatedpassword = strtolower(md5($_POST['repeatnewpassword']));

 

include ('connect.php');

 

$queryget = mysql_query("SELECT password FROM users WHERE username='$user'") or die ("The query has failed.");

$row = mysql_fetch_assoc($queryget);

 

$olddbpassword = $row['password'];

 

if ($oldpassword==$olddbpassword)

{

if ($newpassword==$repeatedpassword)

{

if (strlen($newpassword)>32||strlen($newpassword)<6)

{

echo "Your new password must be between 6 and 32 characters. Please try again";

}

else if (strlen($repeatpassword)>32||strlen($repeatpassword)<6)

{

echo "Your repeated password must be between 6 and 32 characters. Please try again.";

}

else

{

$changequery = mysql_query("

  UPDATE users SET password='$newpassword' WHERE username='$user'

");

session_destroy();

include ('redirect2.php');

}

}

else

die ("The new passwords you have entered do not match.");

}

else

{

echo "Your old password does not match our records. Please try again.";

}

}

else

{

echo "

<form action='changepassword.php' method='POST'>

Old password: <input type='password' name='oldpassword'>

New password: <input type='password' name='newpassword'>

Repeat new password: <input type='password' name='repeatnewpassword'>

<input type='submit' name='submit' value='Save Changes'>

";

}

}

 

 

else

die ('In order to change your pasword you must be logged in.');

 

?>

[Irresistable]

There is a nice little tutorial by JPMaster77 on evolt forums. Login System with remember me feature. (Is what I find the best) Google: "Login System with remember me feature" click on the one on evolt forums by JPMaster77.

This has a useredit page, where you change your password, email, etc. Has user info (pretty much like a profile but basic) It has admin features so that you can ban users. The only thing it doesn't have, is email activation. I am able to sort that out for you though if you wanted it.

 

You can use that as a template. However.. you may have to redesign all your code. Though it might be a better script for you. As it's a simple download the files, set the constants and create the database. Upload it to your server.

 

You might want to change it though.. maybe you dont like admin features, you can then remove that. Though you'd need to go throught the code, remove the bits you dont need from session.php process.php database.php etc etc. So that theres no loose code that can get caught up in other bits and cause errors. I'd advise if you did this and removed stuff, dont read the functions, you have to read it through and find out where its linking to. Like a chain. Then remove each bit. Though create backup files just incase.

 

Hope it'd be any use to you. I know its a third party script, it might be to some help though, but dont post any errors with the script in the help forum, use third party scripts, or feel free to PM me.

I've used JPMaster77 script, and I've made big changes with it in the past.