silverglade Posted January 26, 2010 Share Posted January 26, 2010 hi, im having trouble with my reset password form, the page just shows up blank in the browser. any help GREATLY appreciated. thank you. derek here is the code <?php $email = $_POST['email']; if(!isset($_POST['email'])) { //If so, escape the input, like above $email = mysql_real_escape_string($_POST['email']); if(!isset($_POST['email'])) { //If not, show form echo "Please enter your desired password: <form action=\"Signup.php?Email=$Email&Salt=$Salt\" method=\"post\"> <input type=\"password\" name=\"Password\"><br> <br> Please Confirm that Password: <br><br /> <input type=\"password\" name=\"Confirm\"><br> <input type=\"submit\" value=\"Set Password\">"; } else { //If so, escape the input, like above $Password = mysql_real_escape_string($_POST['Password']); $Confirm = mysql_real_escape_string($_POST['Confirm']); //Encrypt it, so it can't be read even if someone does get into your database $Password = md5($Password); $Confirm = md5($Confirm); if($Password != $Confirm) { echo "The two passwords did not match"; exit(); echo "Please enter your desired password: <form action=\"Signup.php?Email=$Email&Salt=$Salt\" method=\"post\"> <input type=\"password\" name=\"Password\"><br> <br> Please Confirm that Password: <br><br /> <input type=\"password\" name=\"Confirm\"><br> <input type=\"submit\" value=\"Set Password\">"; } //Update the database mysql_query("UPDATE members SET `Password`='$Password' WHERE `Email`='$email'"); //Send them to login header("Location:http://oddnerdrum.info/success.html"); } ?> <html> <body> <p>Password recovery page:</p> <p>Please enter your email you used when you signed up to the pages.</p> <form name="form1" method="post" action=""> <p>your email <input type="text" name="email" id="email"> </p> <p> <label> <input type="submit" name="submit" id="submit" value="Submit"> </label> </p> </form> <p> </p> </body> </html> Link to comment https://forums.phpfreaks.com/topic/189888-trouble-with-reset-password-form/ Share on other sites More sharing options...
silverglade Posted January 26, 2010 Author Share Posted January 26, 2010 here is the new code i just made to try to correct it. <?php $email = $_POST['email']; $Password = $_POST['Password']; $Confirm = $_POST['Confirm']; $email = mysql_real_escape_string($_POST['email']); //If not, show form echo "Please enter your email: <form action=\"method=\"post\"> <input type=\email\" name=\"email\"><br> <br> <br> <input type=\"submit\" value=\"email\">"; echo "</br>"; echo "Please enter your new password: <form action=\"method=\"post\"> <input type=\text\" name=\"Password\"><br> <br> Please Confirm that Password: <br><br /> <input type=\"text\" name=\"Confirm\"><br> <input type=\"submit\" value=\"Set Password\">"; //If so, escape the input, like above $Password = mysql_real_escape_string($_POST['Password']); $Confirm = mysql_real_escape_string($_POST['Confirm']); //Encrypt it, so it can't be read even if someone does get into your database $Password = md5($Password); $Confirm = md5($Confirm); if($Password != $Confirm) { echo "The two passwords did not match"; exit(); echo "Please enter your desired password: <form action=\"method=\"post\"> <input type=\"password\" name=\"Password\"><br> <br> Please Confirm that Password: <br><br /> <input type=\"password\" name=\"Confirm\"><br> <input type=\"submit\" value=\"Set Password\">"; } //Update the database mysql_query("UPDATE members SET `Password`='$Password' WHERE `Email`='$email'"); //Send them to login header("Location:http://oddnerdrum.info/success.html"); } ?> Link to comment https://forums.phpfreaks.com/topic/189888-trouble-with-reset-password-form/#findComment-1001973 Share on other sites More sharing options...
JAY6390 Posted January 26, 2010 Share Posted January 26, 2010 at the top of your script put the following ini_set('display_errors', 1); error_reporting(E_ALL); and post any errors you are getting Link to comment https://forums.phpfreaks.com/topic/189888-trouble-with-reset-password-form/#findComment-1001985 Share on other sites More sharing options...
silverglade Posted January 26, 2010 Author Share Posted January 26, 2010 ok thank you here is the error i get Notice: Undefined index: email in /hermes/bosweb/web173/b1739/sl.brendansite1/public_html/oddnerdrum.info/passrecovery.php on line 8 Notice: Undefined index: Password in /hermes/bosweb/web173/b1739/sl.brendansite1/public_html/oddnerdrum.info/passrecovery.php on line 9 Notice: Undefined index: Confirm in /hermes/bosweb/web173/b1739/sl.brendansite1/public_html/oddnerdrum.info/passrecovery.php on line 10 Notice: Undefined index: email in /hermes/bosweb/web173/b1739/sl.brendansite1/public_html/oddnerdrum.info/passrecovery.php on line 13 Notice: Undefined index: Password in /hermes/bosweb/web173/b1739/sl.brendansite1/public_html/oddnerdrum.info/passrecovery.php on line 14 Notice: Undefined index: Confirm in /hermes/bosweb/web173/b1739/sl.brendansite1/public_html/oddnerdrum.info/passrecovery.php on line 15 and here are my newest code changes <?php include("connect1.php"); ini_set('display_errors', 1); error_reporting(E_ALL); $email = $_POST['email']; $Password = $_POST['Password']; $Confirm = $_POST['Confirm']; $email = mysql_real_escape_string($_POST['email']); $Password = mysql_real_escape_string($_POST['Password']); $Confirm = mysql_real_escape_string($_POST['Confirm']); echo "Please enter your email: <form action=\"\"> <input type=\"text\" name=\"email\"><br> <br> <br><br><br>Please enter your new password: <form action=\"\"> <input type=\"password\" name=\"Password\"><br> <br> Please Confirm that Password: <br><br /> <input type=\"password\" name=\"Confirm\"><br> <input type=\"submit\" value=\"Set Password\">"; //Encrypt it, so it can't be read even if someone does get into your database $Password = md5($Password); $Confirm = md5($Confirm); if($Password != $Confirm) { echo "The two passwords did not match"; exit(); echo "Please enter your email: <form action=\"\"> <input type=\email\" name=\"email\"><br> <br> <br><br><br>Please enter your new password: <form action=\"\"> <input type=\"password\" name=\"Password\"><br> <br> Please Confirm that Password: <br><br /> <input type=\"password\" name=\"Confirm\"><br> <input type=\"submit\" value=\"Set Password\">"; } if ($email && $Password) { //Update the database mysql_query("UPDATE members SET `Password`='$Password' WHERE `Email`='$email'"); //Send them to login header("Location:http://oddnerdrum.info/success.html"); } ?> Link to comment https://forums.phpfreaks.com/topic/189888-trouble-with-reset-password-form/#findComment-1001989 Share on other sites More sharing options...
silverglade Posted January 26, 2010 Author Share Posted January 26, 2010 here is my new code cleaned up A LOT! but its still not working any help greatly appreciated. <?php include("connect1.php"); ini_set('display_errors', 1); error_reporting(E_ALL); $email = $_POST['email']; $Password = $_POST['Password']; $Confirm = $_POST['Confirm']; echo "Please enter your email: <form action=\" \"> <input type=\"text\" name=\"email\"><br> <br> <br><br>Please enter your password:<br> <input type=\"password\" name=\"Password\"><br> <br> Please Confirm that Password: <br><br /> <input type=\"password\" name=\"Confirm\"><br> <input type=\"submit\" value=\"Set Password\"></form>"; //Encrypt it, so it can't be read even if someone does get into your database $email = mysql_real_escape_string($_POST['email']); $Password = mysql_real_escape_string($_POST['Password']); $Confirm = mysql_real_escape_string($_POST['Confirm']); $Password = md5($Password); $Confirm = md5($Confirm); if($Password != $Confirm) { echo "The two passwords did not match"; exit(); echo "Please enter your email: <form action=\"\"> <input type=\email\" name=\"email\"><br> <br> <br><br><br>Please enter your new password: <input type=\"password\" name=\"Password\"><br> <br> Please Confirm that Password: <br><br /> <input type=\"password\" name=\"Confirm\"><br> <input type=\"submit\" value=\"Set Password\"</form>"; } if ($email && $Password) { //Update the database mysql_query("UPDATE members SET `Password`='$Password' WHERE `Email`='$email'"); //Send them to login header("Location:http://oddnerdrum.info/success.html"); } ?> Link to comment https://forums.phpfreaks.com/topic/189888-trouble-with-reset-password-form/#findComment-1002002 Share on other sites More sharing options...
JAY6390 Posted January 26, 2010 Share Posted January 26, 2010 You aren't setting the method of the form to POST change this code <form action=\" \"> to <form action=\" \" method=\"POST\"> Link to comment https://forums.phpfreaks.com/topic/189888-trouble-with-reset-password-form/#findComment-1002047 Share on other sites More sharing options...
silverglade Posted January 26, 2010 Author Share Posted January 26, 2010 awesome thanks jay. it updates the database now, but it think it gives anyone the ability to create an account now. is there a way to check the database for the email they provide, and then only change the password then? Link to comment https://forums.phpfreaks.com/topic/189888-trouble-with-reset-password-form/#findComment-1002066 Share on other sites More sharing options...
silverglade Posted January 26, 2010 Author Share Posted January 26, 2010 here is the code as it stands. it doesnt update the database, but it does check to see if the user's email is in the database. and it doesnt redirect the m to the success page. any help greatly appreciate. thanks.! <?php include("connect1.php"); /* ini_set('display_errors', 1); error_reporting(E_ALL); GREAT SNIPPET FOR DEBUGGING OUTPUTS ERRORS TO SCREEN */ /*if (isset($_POST['email']) && isset($_POST['Password']) && isset($_POST['Confirm'])) { $email = $_POST['email']; $Password = $_POST['Password']; $Confirm = $_POST['Confirm']; } //By doing this the script checks that the variables is set, before you define new ones with them */ //THIS DID NOTHING TO REMOVE THE ERROR ON SCREEN $email = $_POST['email']; $Password = $_POST['Password']; $Confirm = $_POST['Confirm']; echo "Please enter your email: <form action=\" \" method=\"POST\"> <input type=\"text\" name=\"email\"><br> <br> <br><br>Please enter your password:<br> <input type=\"password\" name=\"Password\"><br> <br> Please Confirm that Password: <br><br /> <input type=\"password\" name=\"Confirm\"><br> <br><input type=\"submit\" value=\"Set Password\"></form>"; $table_name = "members"; // tablename $query = "SELECT * FROM {$table_name} WHERE ('Email' = '{$email}')"; $results = mysql_num_rows(mysql_query($query)); if ($results > 0) { mysql_query("UPDATE members SET `Password`='$Password' WHERE `Email`='$Email'"); //Send them to login header("Location:http://oddnerdrum.info/index.php#login"); } else { echo "<br>email does not exist in the database<br>"; } //Encrypt it, so it can't be read even if someone does get into your database $email = mysql_real_escape_string($_POST['email']); $Password = mysql_real_escape_string($_POST['Password']); $Confirm = mysql_real_escape_string($_POST['Confirm']); $Password = md5($Password); $Confirm = md5($Confirm); if($Password != $Confirm) { echo "The two passwords did not match"; exit(); echo "Please enter your email: <form action=\" \" method=\"POST\"> <input type=\email\" name=\"email\"><br> <br> <br><br><br>Please enter your new password: <input type=\"password\" name=\"Password\"><br> <br> Please Confirm that Password: <br><br /> <input type=\"password\" name=\"Confirm\"><br> <br><input type=\"submit\" value=\"Set Password\"</form>"; $table_name = "members"; // tablename $query = "SELECT * FROM {$table_name} WHERE ('Email' = '{$email}')"; $results = mysql_num_rows(mysql_query($query)); if ($results > 0) { mysql_query("UPDATE members SET `Password`='$Password' WHERE `Email`='$Email'"); //Send them to login header("Location:http://oddnerdrum.info/index.php#login"); } else { echo "<br>email does not exist in the database<br>"; } }//last outer if ?> Link to comment https://forums.phpfreaks.com/topic/189888-trouble-with-reset-password-form/#findComment-1002091 Share on other sites More sharing options...
silverglade Posted January 27, 2010 Author Share Posted January 27, 2010 ok here is the closest i got it to work, most of it works, but when i use a correct email that exists in the database to update the password, it gives me a "email does not exist in the database" PLEASE help if you can , ive been on this all day LOL here is the code <?php include("connect1.php"); /* ini_set('display_errors', 1); error_reporting(E_ALL); GREAT SNIPPET FOR DEBUGGING OUTPUTS ERRORS TO SCREEN */ if (isset($_POST['email']) && isset($_POST['Password']) && isset($_POST['Confirm'])) { // Declare Variables $email = mysql_real_escape_string($_POST['email']); $Password = mysql_real_escape_string($_POST['Password']); $Confirm = mysql_real_escape_string($_POST['Confirm']); // Encrypt passwords with md5 encryption $Password = md5($Password); $Confirm = md5($Confirm); if($Password != $Confirm) { echo "<br>The two passwords did not match<br>"; echo "Please enter your email: <form action=\" \" method=\"POST\"> <input type=\email\" name=\"email\"><br> <br> <br><br><br>Please enter your new password:<br> <input type=\"password\" name=\"Password\"><br> <br> Please Confirm that Password: <br><br /> <input type=\"password\" name=\"Confirm\"><br> <br><input type=\"submit\" value=\"Set Password\"</form>"; exit; } // Check if the email already exists in database $table_name = "members"; // tablename $query = "SELECT * FROM {$table_name} WHERE ('Email' = '{$email}')"; $results = mysql_num_rows(mysql_query($query)); if (!$results ) { echo "<br>email does not exist in the database<br>"; } else { // Insert information to the database mysql_query("UPDATE members SET `Password`='{$Password}' WHERE `Email`='{$email}'"); //Send them to login header("Location:http://oddnerdrum.info/success.html"); } } else { // Displaying Forms echo "Please enter your email: <form action=\" \" method=\"POST\"> <input type=\"text\" name=\"email\"><br> <br> <br><br>Please enter your password:<br> <input type=\"password\" name=\"Password\"><br> <br> Please Confirm that Password: <br><br /> <input type=\"password\" name=\"Confirm\"><br> <br><input type=\"submit\" value=\"Set Password\"></form>"; } ?> Link to comment https://forums.phpfreaks.com/topic/189888-trouble-with-reset-password-form/#findComment-1002158 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.