Jump to content

Change password wierd problem


Linjon

Recommended Posts

Hey. I have one script and if i change password by that then it changes all users passwords which are in database. This is my code:

$username = $_POST['username'];

$password = $_POST['password'];

$con = mysql_connect("localhost","root","");

if (!$con)

  {

  die('Could not connect: ' . mysql_error());

  }

 

mysql_select_db("amxbans", $con);

mysql_query("UPDATE `game`.`users` SET `username` = '$username', `password` = '$password'");

echo "Password changed";

?>

Link to comment
https://forums.phpfreaks.com/topic/198159-change-password-wierd-problem/
Share on other sites

Wow thanks it works now. Can someone help me with checking old password and new passwords?

My form:

<html>
<body>
<table>
<form method = 'post' action= 'change.php'>
<tr>
<td>Username:</td>
<td><input type = 'text' name = 'username'></td>
</tr>
<tr>
<td>Password:</td> 
<td><input type = 'password' name = 'password'></td>
</tr>
<td>Password again:</td> 
<td><input type = 'password' name = 'password2'></td>
</tr>
<tr>
<td><input type = 'submit' name = 'submit' value = 'Change password'></td>
</tr>
</form>
</table>
</body>
</html>

You'd need a field in the form called "oldpassword" or something. Then you'd do a check.

<?php
//Do a query to get the results of the current logged in user
$query = mysql_query("select * from users where id = ".$_SESSION['id']."");
$row = mysql_fetch_assoc($query);
$oldpassword = $_POST['oldpassword'];
if(sha1($oldpassword) == $row['password']) { //Or whatever encryption it is (sha1 I put in)
      //go along with the rest of the code you already have.
} else { 
      echo 'You current password entered is incorrect';
}
?>

Problem:

Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in change.php on line 13

My code:

<?php
$username = $_POST['username'];
$password = $_POST['password'];
$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
mysql_select_db("game", $con);

//Do a query to get the results of the current logged in user
$query = mysql_query("SELECT * FROM users WHERE username = ".$_POST['username']."");
$row = mysql_fetch_assoc($query);
$oldpassword = $_POST['oldpassword'];
if(sha1($oldpassword) == $row['password']) { //Or whatever encryption it is (sha1 I put in)
      //go along with the rest of the code you already have.
} else { 
      echo 'You current password entered is incorrect';
}

mysql_query("UPDATE `game`.`users` SET  `password` = '$password' where `username` = '$username'");
?> 

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.