Jump to content

Changing password not works!!


Garloz

Recommended Posts

<?php

if (isset($_POST['submit'])) {
// Handle the form.

require_once ('databaseconnectinfo.php');
// Connect to the db.

// Create a function for escaping the data.
function escape_data ($data) {
global $dbc; // Need the connection.
if (ini_get('magic_quotes_gpc')) {
$data = stripslashes($data);
}
return mysql_real_escape_string($data, $dbc);
}
// End of function.

$message = NULL; // Create an empty new variable.

// Check for a loginName.
if (empty($_POST['loginName'])) {
$lo = FALSE;
$message .= '<p>You forgot to enter your Login Name!</p>';
} else {
$lo = escape_data($_POST['loginName']);
}

// Check for an existing password.
if (empty($_POST['password'])) {
$pa = FALSE;
$message .= '<p>You forgot to enter your existing password!</p>';
} else {
$pa = escape_data($_POST['password']);
}

// Check for a password and match against the confirmed password.
if (empty($_POST['password1'])) {
$npa = FALSE;
$message .= '<p>You forgot to enter your new password!</p>';
} else {
if ($_POST['password1'] == $_POST['password2']) {
$npa = escape_data($_POST['password1']);
} else {
$npa = FALSE;
$message .= '<p>Your new password did not match the confirmed new password!</p>';
}
}

if ($lo && $pa && $npa) { // If everything's OK.

$query = "SELECT id FROM tablename WHERE (loginName='$lo' AND password=password('$pa') )";
$result = @mysql_query ($query);
$num = mysql_num_rows ($result);
if ($num == 1) {
$row = mysql_fetch_array($result, mysql_NUM);

// Make the query.
$query = "UPDATE tablename SET password=password('$npa') WHERE id=$row[0]";
$result = @mysql_query ($query); // Run the query.
if (mysql_affected_rows() == 1) { // If it ran OK.

// Send an email, if desired.
echo '<p><b>Your password has been changed.</b></p>';

exit(); // Quit the script.

} else { // If it did not run OK.
$message = '<p>Your password could not be changed due to a system error. We apologize for any inconvenience.</p><p>' . mysql_error() . '</p>';
}
} else {
$message = '<p>Your loginName and password do not match our records.</p>';
}
mysql_close(); // Close the database connection.

} else {
$message .= '<p>Please try again.</p>';
}

} // End of the main Submit conditional.

// Print the error message if there is one.
if (isset($message)) {
echo '<font color="red">', $message, '</font>';
}
?>

<form action="<?php echo $_SERVER['php_SELF'];?>" method="post">
<fieldset><legend>Enter your information in the form below:</legend>

<p><b>Login Name:</b> <input type="text" name="loginName" size="10" maxlength="20" value="<?php if (isset($_POST['loginName'])) echo $_POST['loginName'];?>" /></p>

<p><b>Current password:</b> <input type="password" name="password" size="20" maxlength="20" /></p>

<p><b>New password:</b> <input type="password" name="password1" size="20" maxlength="20" /></p>

<p><b>Confirm New password:</b> <input type="password" name="password2" size="20" maxlength="20" /></p>
</fieldset>

<div align="center"><input type="submit" name="submit" value="change My password" /></div>

</form> 

 

It says all the time "Please try again" and don't update database. :(

Link to comment
https://forums.phpfreaks.com/topic/197209-changing-password-not-works/
Share on other sites

I fixed it. I had problem with function.. but now. It will give me "Your login name and password doesnt match..." That means, that php is unabled to connect or check from database. Because I add right username and password..

My code is like so now:

<?php
if (isset($_POST['submit'])) {
// Handle the form.

error_reporting(0);


// This is an example of config.php
$dbhost = 'localhost';
$dbuser = 'dbuser';
$dbpass = 'dbpass';
$dbname = 'dbname';


// This is an example opendb.php
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die                      ('Error connecting to mysql');
mysql_select_db($dbname);



// Create a function for escaping the data.
function escape_data ($data) {
  if (ini_get('magic_quotes_gpc')) {
    $data = stripslashes($data);
  }
  return mysql_escape_string (trim ($data));
} 
// End of function.

$message = NULL; // Create an empty new variable.

// Check for a loginName.
if (empty($_POST['loginName'])) {
$lo = FALSE;
$message .= '<p>You forgot to enter your Login Name!</p>';
} else {
$lo = escape_data($_POST['loginName']);
}

// Check for an existing password.
if (empty($_POST['password'])) {
$pa = FALSE;
$message .= '<p>You forgot to enter your existing password!</p>';
} else {
$pa = escape_data($_POST['password']);
}

// Check for a password and match against the confirmed password.
if (empty($_POST['password1'])) {
$npa = FALSE;
$message .= '<p>You forgot to enter your new password!</p>';
} else {
if ($_POST['password1'] == $_POST['password2']) {
$npa = escape_data($_POST['password1']);
} else {
$npa = FALSE;
$message .= '<p>Your new password did not match the confirmed new password!</p>';
}
}

if ($lo && $pa && $npa) { // If everything's OK.

$query = "SELECT id FROM testtable WHERE (username='$lo' AND password=password('$pa') )";
$result = @mysql_query ($query);
$num = mysql_num_rows ($result);
if ($num == 1) {
$row = mysql_fetch_array($result, mysql_NUM);

// Make the query.
$query = "UPDATE testtable SET password=password('$npa') WHERE id=$row[0]";
$result = @mysql_query ($query); // Run the query.
if (mysql_affected_rows() == 1) { // If it ran OK.

// Send an email, if desired.
echo '<p><b>Your password has been changed.</b></p>';

exit(); // Quit the script.

} else { // If it did not run OK.
$message = '<p>Your password could not be changed due to a system error. We apologize for any inconvenience.</p><p>' . mysql_error() . '</p>';
}
} else {
$message = '<p>Your loginName and password do not match our records.</p>';
}
mysql_close(); // Close the database connection.

} else {
$message .= '<p>Please try again.</p>';
}

} // End of the main Submit conditional.

// Print the error message if there is one.
if (isset($message)) {
echo '<font color="red">', $message, '</font>';
}
?>

<form action="<?php echo $_SERVER['php_SELF'];?>" method="post">
<fieldset><legend>Enter your information in the form below:</legend>

<p><b>Login Name:</b> <input type="text" name="loginName" size="10" maxlength="20" value="<?php if (isset($_POST['loginName'])) echo $_POST['loginName'];?>" /></p>

<p><b>Current password:</b> <input type="password" name="password" size="20" maxlength="20" /></p>

<p><b>New password:</b> <input type="password" name="password1" size="20" maxlength="20" /></p>

<p><b>Confirm New password:</b> <input type="password" name="password2" size="20" maxlength="20" /></p>
</fieldset>

<div align="center"><input type="submit" name="submit" value="change My password" /></div>

</form> 

I think the error is here, but im not sure..  :shrug:

 

$query = "SELECT id FROM testtable WHERE (username='$lo' AND password=password('$pa') )";
$result = @mysql_query ($query);
$num = mysql_num_rows ($result);
if ($num == 1) {
$row = mysql_fetch_array($result, mysql_NUM);

// Make the query.
$query = "UPDATE testtable SET password=password('$npa') WHERE id=$row[0]";
$result = @mysql_query ($query); // Run the query.
if (mysql_affected_rows() == 1) { // If it ran OK.

 

Help anyone??? Please.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.