Garloz Posted April 1, 2010 Share Posted April 1, 2010 <?php if (isset($_POST['submit'])) { // Handle the form. require_once ('databaseconnectinfo.php'); // Connect to the db. // Create a function for escaping the data. function escape_data ($data) { global $dbc; // Need the connection. if (ini_get('magic_quotes_gpc')) { $data = stripslashes($data); } return mysql_real_escape_string($data, $dbc); } // End of function. $message = NULL; // Create an empty new variable. // Check for a loginName. if (empty($_POST['loginName'])) { $lo = FALSE; $message .= '<p>You forgot to enter your Login Name!</p>'; } else { $lo = escape_data($_POST['loginName']); } // Check for an existing password. if (empty($_POST['password'])) { $pa = FALSE; $message .= '<p>You forgot to enter your existing password!</p>'; } else { $pa = escape_data($_POST['password']); } // Check for a password and match against the confirmed password. if (empty($_POST['password1'])) { $npa = FALSE; $message .= '<p>You forgot to enter your new password!</p>'; } else { if ($_POST['password1'] == $_POST['password2']) { $npa = escape_data($_POST['password1']); } else { $npa = FALSE; $message .= '<p>Your new password did not match the confirmed new password!</p>'; } } if ($lo && $pa && $npa) { // If everything's OK. $query = "SELECT id FROM tablename WHERE (loginName='$lo' AND password=password('$pa') )"; $result = @mysql_query ($query); $num = mysql_num_rows ($result); if ($num == 1) { $row = mysql_fetch_array($result, mysql_NUM); // Make the query. $query = "UPDATE tablename SET password=password('$npa') WHERE id=$row[0]"; $result = @mysql_query ($query); // Run the query. if (mysql_affected_rows() == 1) { // If it ran OK. // Send an email, if desired. echo '<p><b>Your password has been changed.</b></p>'; exit(); // Quit the script. } else { // If it did not run OK. $message = '<p>Your password could not be changed due to a system error. We apologize for any inconvenience.</p><p>' . mysql_error() . '</p>'; } } else { $message = '<p>Your loginName and password do not match our records.</p>'; } mysql_close(); // Close the database connection. } else { $message .= '<p>Please try again.</p>'; } } // End of the main Submit conditional. // Print the error message if there is one. if (isset($message)) { echo '<font color="red">', $message, '</font>'; } ?> <form action="<?php echo $_SERVER['php_SELF'];?>" method="post"> <fieldset><legend>Enter your information in the form below:</legend> <p><b>Login Name:</b> <input type="text" name="loginName" size="10" maxlength="20" value="<?php if (isset($_POST['loginName'])) echo $_POST['loginName'];?>" /></p> <p><b>Current password:</b> <input type="password" name="password" size="20" maxlength="20" /></p> <p><b>New password:</b> <input type="password" name="password1" size="20" maxlength="20" /></p> <p><b>Confirm New password:</b> <input type="password" name="password2" size="20" maxlength="20" /></p> </fieldset> <div align="center"><input type="submit" name="submit" value="change My password" /></div> </form> It says all the time "Please try again" and don't update database. Link to comment https://forums.phpfreaks.com/topic/197209-changing-password-not-works/ Share on other sites More sharing options...
Deoctor Posted April 1, 2010 Share Posted April 1, 2010 check whether u are able to connect to the database.. change require_once to require also try using error_reporting(0) in the beginning of the page.. to get errors Link to comment https://forums.phpfreaks.com/topic/197209-changing-password-not-works/#findComment-1035122 Share on other sites More sharing options...
Garloz Posted April 1, 2010 Author Share Posted April 1, 2010 I fixed it. I had problem with function.. but now. It will give me "Your login name and password doesnt match..." That means, that php is unabled to connect or check from database. Because I add right username and password.. My code is like so now: <?php if (isset($_POST['submit'])) { // Handle the form. error_reporting(0); // This is an example of config.php $dbhost = 'localhost'; $dbuser = 'dbuser'; $dbpass = 'dbpass'; $dbname = 'dbname'; // This is an example opendb.php $conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql'); mysql_select_db($dbname); // Create a function for escaping the data. function escape_data ($data) { if (ini_get('magic_quotes_gpc')) { $data = stripslashes($data); } return mysql_escape_string (trim ($data)); } // End of function. $message = NULL; // Create an empty new variable. // Check for a loginName. if (empty($_POST['loginName'])) { $lo = FALSE; $message .= '<p>You forgot to enter your Login Name!</p>'; } else { $lo = escape_data($_POST['loginName']); } // Check for an existing password. if (empty($_POST['password'])) { $pa = FALSE; $message .= '<p>You forgot to enter your existing password!</p>'; } else { $pa = escape_data($_POST['password']); } // Check for a password and match against the confirmed password. if (empty($_POST['password1'])) { $npa = FALSE; $message .= '<p>You forgot to enter your new password!</p>'; } else { if ($_POST['password1'] == $_POST['password2']) { $npa = escape_data($_POST['password1']); } else { $npa = FALSE; $message .= '<p>Your new password did not match the confirmed new password!</p>'; } } if ($lo && $pa && $npa) { // If everything's OK. $query = "SELECT id FROM testtable WHERE (username='$lo' AND password=password('$pa') )"; $result = @mysql_query ($query); $num = mysql_num_rows ($result); if ($num == 1) { $row = mysql_fetch_array($result, mysql_NUM); // Make the query. $query = "UPDATE testtable SET password=password('$npa') WHERE id=$row[0]"; $result = @mysql_query ($query); // Run the query. if (mysql_affected_rows() == 1) { // If it ran OK. // Send an email, if desired. echo '<p><b>Your password has been changed.</b></p>'; exit(); // Quit the script. } else { // If it did not run OK. $message = '<p>Your password could not be changed due to a system error. We apologize for any inconvenience.</p><p>' . mysql_error() . '</p>'; } } else { $message = '<p>Your loginName and password do not match our records.</p>'; } mysql_close(); // Close the database connection. } else { $message .= '<p>Please try again.</p>'; } } // End of the main Submit conditional. // Print the error message if there is one. if (isset($message)) { echo '<font color="red">', $message, '</font>'; } ?> <form action="<?php echo $_SERVER['php_SELF'];?>" method="post"> <fieldset><legend>Enter your information in the form below:</legend> <p><b>Login Name:</b> <input type="text" name="loginName" size="10" maxlength="20" value="<?php if (isset($_POST['loginName'])) echo $_POST['loginName'];?>" /></p> <p><b>Current password:</b> <input type="password" name="password" size="20" maxlength="20" /></p> <p><b>New password:</b> <input type="password" name="password1" size="20" maxlength="20" /></p> <p><b>Confirm New password:</b> <input type="password" name="password2" size="20" maxlength="20" /></p> </fieldset> <div align="center"><input type="submit" name="submit" value="change My password" /></div> </form> Link to comment https://forums.phpfreaks.com/topic/197209-changing-password-not-works/#findComment-1035141 Share on other sites More sharing options...
Garloz Posted April 1, 2010 Author Share Posted April 1, 2010 I think the error is here, but im not sure.. $query = "SELECT id FROM testtable WHERE (username='$lo' AND password=password('$pa') )"; $result = @mysql_query ($query); $num = mysql_num_rows ($result); if ($num == 1) { $row = mysql_fetch_array($result, mysql_NUM); // Make the query. $query = "UPDATE testtable SET password=password('$npa') WHERE id=$row[0]"; $result = @mysql_query ($query); // Run the query. if (mysql_affected_rows() == 1) { // If it ran OK. Help anyone??? Please. Link to comment https://forums.phpfreaks.com/topic/197209-changing-password-not-works/#findComment-1035311 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.