maxihobbs Posted March 22, 2010 Share Posted March 22, 2010 Fatal error: Call to undefined function escape_data() Any ideas guys, I've scoured forums to no avail. The line of code it relates to is: $e = escape_data($_POST['email']); Many thanks Quote Link to comment Share on other sites More sharing options...
MadTechie Posted March 22, 2010 Share Posted March 22, 2010 Yeah.. their isn't a function called escape_data it must your own function that you haven't included. Quote Link to comment Share on other sites More sharing options...
maxihobbs Posted March 22, 2010 Author Share Posted March 22, 2010 Where does this include... in the db_connect file or the same file? How would I go about this something like function escape_data(); ? Quote Link to comment Share on other sites More sharing options...
KevinM1 Posted March 22, 2010 Share Posted March 22, 2010 Where does this include... in the db_connect file or the same file? How would I go about this something like function escape_data(); ? You have two options: 1. Define your own escape_data() function, since nothing named escape_data() exists in PHP (hence your 'undefined' error). 2. Use the escape function that relates to the kind of database you're using, such as mysql_real_escape_string. Quote Link to comment Share on other sites More sharing options...
maxihobbs Posted March 22, 2010 Author Share Posted March 22, 2010 Ok so I've tried option 2 and now have this code... $e = mysql_real_escape_string($con, trim($_POST['email'])); which shows this error Warning: mysql_real_escape_string() expects parameter 1 to be string, Quote Link to comment Share on other sites More sharing options...
maxihobbs Posted March 22, 2010 Author Share Posted March 22, 2010 Ok Ive been playing around and although I now have no errors. I now have a page that responds with "Password and email do no match what is on file." The code is here <?php session_start(); include("db_connect.php"); ?> < <?php // Check if the form has been submitted. if (isset($_POST['submitted'])) { $errors = array(); // Initialize error array. // Check for an email address. if (empty($_POST['email'])) { $errors[] = 'You forgot to enter your email address.'; } else { $e = mysql_real_escape_string($_POST['email'], $con); } // Check for an existing password. if (empty($_POST['password'])) { $errors[] = 'You forgot to enter your existing password.'; } else { $p = mysql_real_escape_string($_POST['password'], $con); } // Check for a password and match against the confirmed password. if (!empty($_POST['password1'])) { if ($_POST['password1'] != $_POST['password2']) { $errors[] = 'Your new password did not match the confirmed new password.'; } else { $np = mysql_real_escape_string($_POST['password1'], $con); } } else { $errors[] = 'You forgot to enter your new password.'; } if (empty($errors)) { // If everythings OK. // Check that theyve entereed the right email address/password combination. $query = "SELECT id FROM users WHERE (email='$e' AND password=SHA('$p') )"; $result = mysql_query($query); $num = mysql_num_rows($result); if (mysql_num_rows($result) == 1) { // Match was made. // Get the user_id. $row = mysql_fetch_array ($result, MYSQL_NUM); // Make the UPDATE query. $query = "UPDATE users SET password=SHA('$np') WHERE id=$row[0]"; $result = @mysql_query ($query); if (mysql_affected_rows() == 1) { // If it ran OK. // Send an email, if desired. // Print a message. echo'<h1 id="mainhead">Thank you!</h1> <p>Your password has been updated.</p><p><br/></p>'; } else { // If it did not run OK. echo '<h1 id="mainhead">System Error</h1> <p class="error">Your password could not be changed due to a system error. We apologize.</p>'; // Public message. echo '<p>' . mysql_error() . '<br/><br/>Query: ' . $query . '</p>'; // Debugging message. include ('./footer.html'); exit(); } } else { // Invalid email address/password combination. echo '<h1 id="mainhead">Error!</h1> <p class="error">The email address and password do not match those on file.</p>'; } } else { // Report the errors. echo '<h1 id="mainhead">Error!</h1> <p class="error">The following errors(s) occurred:<br/>'; foreach ($errors as $msg) { // Print each error. echo " - $msg<br/>\n"; } echo '</p><p>Please try again.</p><p><br/></p>'; } // End of if (empty($errors)) IF. mysql_close(); // Close the database connection. } // End of the main Submit conditional. ?> Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted March 22, 2010 Share Posted March 22, 2010 So, that error means that the following test failed - if (mysql_num_rows($result) == 1) { Troubleshoot and find out why you did not get exactly one row in the result set. What is mysql_num_rows($result)? It could be a false value if $result is not a result resource because the query failed due to an error (you have no logic to test if the query failed or not before attempting to access any of the results from the query.) It could be a zero if the query matched no rows (you would need look if there is in fact a row in the table that matches the entered email and the sha() value of the entered password.) It is apparently not a 1. It could be a 2 or higher if you happen to have more than one matching row in the table (you should both look to see if there is more than one row and have a unique key setup for the email column to insure that there can only be one row.) Quote Link to comment Share on other sites More sharing options...
fr34k Posted March 22, 2010 Share Posted March 22, 2010 From glancing over your code, it looks like you aren't supplying a valid password for the specified e-mail address. It is taking the e-mail address and looking for a record that matches has the specified e-mail address and a password value that matches a digest of your posted password. This doesn't appear to be a PHP error. It just looks like you're using the wrong e-mail/password combination. Quote Link to comment Share on other sites More sharing options...
maxihobbs Posted March 22, 2010 Author Share Posted March 22, 2010 Thats the problem, it is the password and username in the database, I've tried it with numerous users. All the errors works fine but it wont actually change my password without saying password and username do not match our file Very confusing! Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted March 22, 2010 Share Posted March 22, 2010 Someone already suggested several things to check. You are the only person here who can troubleshoot what your code and data are doing on your server. If you are not going to investigate what is going on, you are never going to be able to produce code that does what you want it to. Quote Link to comment Share on other sites More sharing options...
maxihobbs Posted March 22, 2010 Author Share Posted March 22, 2010 I'm not expecting someone to hand feed me the answer, I've tried everything suggested and much more so I'd rather you not accuse me of not investigating as that's garbage. I'm just after some advice and as stated, I apprieciate all the help given, but as yet, it hasn't solved the issue Quote Link to comment Share on other sites More sharing options...
MadTechie Posted March 22, 2010 Share Posted March 22, 2010 I'm not expecting someone to hand feed me the answer, I've tried everything suggested and much more so I'd rather you not accuse me of not investigating as that's garbage. I'm just after some advice and as stated, I apprieciate all the help given, but as yet, it hasn't solved the issue As i have sad Yeah.. their isn't a function called escape_data it must your own function that you haven't included. People can only guess what the function would do, your first step is to find the function if possible and include it if its lost then create the function, a dummy one would be fine to start with function escape_data($data){ return $data; } Then you need to workout what it should do, and apply that to the new function, ie function escape_data($data){ return mysql_real_escape_string($data); } I would like to know where you got the code from ? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted March 22, 2010 Share Posted March 22, 2010 I've tried everything suggested Yes, but you failed to provide any feed-back as to what you result you got when you tried them that would narrow down the problem and would suggest which direction to check further. We only see the information you provide in your post. Reread what you posted. Does that tell anyone here that you tried anything more than just trying emails and passwords? I suggested finding out what value mysql_num_rows() returned. Each of the three different wrong values has a different cause. Did you find that the query was failing or working and what error was the query producing if it was not working? Did you find that the query worked but did not match any rows in the table and what reason did you find why it was not matching the expected row? Did you find that there are 2 or more matching rows in the table and eliminate the duplicate and take steps to prevent duplicates in the future? I'll tell you what the most likely problem is. Your password field is not long enough to hold a SHA() value and you failed to look at it to see if the sha() of the entered password matched what was in the table as someone had suggested doing. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.