ReeceSayer Posted November 18, 2009 Share Posted November 18, 2009 Well i have some php script which allows a user to register and log in... now i want them to be able to change their passwords once they are logged in... i wasnt quite sure how to do this but i'll post the code. <?php session_start(); if(!isset($_SESSION['username']) || !isset($_SESSION['sid']) ||!isset($_SESSION['ip'])) { header("Location: login.php"); } include("connection2.php"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Index Page</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link href="centered.css" rel="stylesheet" type="text/css" /> <style type="text/css"> <!-- body { background-repeat: repeat; } --> </style></head> <body> <!-- wrapper div for positioning --> <div id="container"> <!-- Header Section --> <div id="header"> <img src="images/Semper Fi.png" alt="Semper Fi" longdesc="value" title="Semper Fi" /> <object type="application/x-shockwave-flash" data="NCIS.swf" width="400" height="300"> <param name="movie" value="NCIS.swf" /> <param name="controller" value="true" /> <p>Sorry, your browser is not standards compliant; please try <a href="NCIS Slideshow.swf">NCIS.swf</a> </p> </object> <br /> <img src="images/NCIS Logo.png" alt="NCIS Logo" longdesc="value" title="NCIS" width="339" height="107" /> <br /> </div> <!-- Content Section --> <div id="content"> <?php $date = date_default_timezone_set('Europe'); if (date("H") < 12) echo 'Good morning, '; else echo 'Good afternoon, '; echo 'the time is: ' . date('H:i') . ' on ' . date('D M j') .'th' . PHP_EOL; ?> <br /> <?php // Include the database connection file. include("connection.php"); // Check if a person has clicked on submit. if(isset($_POST['submit'])) { if(empty($_POST['password']) || empty($_POST['password2']) || empty($_POST['password3'])) { echo "You have to fill in everything in the form."; // Display the error message. header("Location: changepassword.php"); // Redirect to the form. exit; // Stop the code to prevent the code running after redirecting. } // Create variables from each $_POST. $password = $_POST['password']; $password2 = $_POST['password2']; $password3 = $_POST['password3']; // Now, compare passwords and check if they're the same. if($password2 != $password3) { // If the passwords are NOT the same. Again display an error message and redirect. echo "Sorry new passwords are not equal."; // header("Location: changepassword.php"); exit; } // Secure the password using an md5 hash. $password = md5($password); $password2 = md5($password2); $password3 = md5($password3); // Create a variable containing the SQL query. $query = "SELECT username,password FROM `Users` WHERE username='$_SESSION['username']'"; $query2 = "UPDATE users SET password = '$password2' WHERE username = '$_SESSION['username']'"; $result = mysql_query($query); if(!$result) { // Gives an error if the username given does not exist. // or if something else is wrong. echo "The query failed " . mysql_error(); } else { // Now create an object from the data you've retrieved. $row = mysql_fetch_object($result); // You've now created an object containing the data. // You can call data by using -> after $row. // For example now the password is checked if they're equal. if($row->password != $password) { echo "I am sorry, but the passwords are not equal."; //header("Location: login.php"); exit; } $result = mysql_query($query); // If the query failed, display an error. if(!$result) { echo "Password change failed because of " . mysql_error() . "<br>"; // The dot seperates PHP code and plain text. echo "<a href=\"changepassword.php\"> Try Again By Returning To The Change password Screen</a>"; } else { // Display a success message! echo "Congratulations " . $username . " You have successfully changed your password"; echo "<a href=\"login.php\"> Continue To Login!</a>"; echo $query; } } } ?> </div> <!-- Footer Section --> <div id="footer"> <p> <a href="http://validator.w3.org/check/referer"><img src="http://www.w3.org/Icons/valid-xhtml10" alt="Valid XHTML 1.0!" height="31" width="88" /></a> </p> <p> <a href="About Us.html">About Us </a> </p> </div> </div> <!-- end container --> </body> </html> When i run the code i get this error: Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in C:\Users\Reece\Documents\xampplite\htdocs\authenticatepassword.php on line 104 Any help or tips would be great thanks Quote Link to comment Share on other sites More sharing options...
cags Posted November 18, 2009 Share Posted November 18, 2009 On/near the line in question you have two SQL queries. Place curly brackets around the $_SESSION[] parts... $query = "SELECT username,password FROM `Users` WHERE username='{$_SESSION['username']}'"; $query2 = "UPDATE users SET password = '$password2' WHERE username = '{$_SESSION['username']}'"; Quote Link to comment Share on other sites More sharing options...
ReeceSayer Posted November 18, 2009 Author Share Posted November 18, 2009 yeah that sorted my initial problem. And now i've just got it to work. Thanks Alot! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.