ethan89 Posted August 30, 2010 Share Posted August 30, 2010 This is completely different code than my change password script thread. This is not double posting. Whenever I use this script to change my email, it just changes the email to nothing (blank). What could be wrong with it? Help is hugely appreciated. I know you don't have to use your valuable time to help me. <?php // I removed the connect to db part session_start(); $username = $_SESSION['username']; $email = $_POST['email']; $newemail = $_POST['newemail']; $confirmnewemail = $_POST['confirmnewemail']; $result = mysql_query("SELECT email FROM members WHERE username='$username'"); if($email!= mysql_result($result, 0)) { echo "The email address you entered is incorrect."; } if($newemail==$confirmnewemail) $sql=mysql_query("UPDATE members SET email='$newemail' where username='$username'"); if($sql) { echo "You have successfully changed your email address."; } else { echo "The new email and confirm new email fields were different."; } ?> Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted August 30, 2010 Share Posted August 30, 2010 $newemail probably has an empty string as its value. Did you try echoing the variables to see if they contain the expected values? Quote Link to comment Share on other sites More sharing options...
ethan89 Posted August 30, 2010 Author Share Posted August 30, 2010 newemail is what the person puts into the form. The form didn't have any empty fields when I tried it. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted August 30, 2010 Share Posted August 30, 2010 Irrespective of the form, how do you know if the variables have valid values? Just because you enter something in a form, doesn't mean there isn't a problem preventing a variable from getting the correct value assigned to it. Quote Link to comment Share on other sites More sharing options...
ethan89 Posted August 30, 2010 Author Share Posted August 30, 2010 I don't understand anything you said. I'm a complete newbie at PHP. I haven't had anything go wrong before when getting something using $_POST. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted August 30, 2010 Share Posted August 30, 2010 Can you post the form also, and I'll look everything over. . . Quote Link to comment Share on other sites More sharing options...
ethan89 Posted August 30, 2010 Author Share Posted August 30, 2010 Sure, thanks for helping me out. <?php session_start(); if(!isset($_SESSION['username']) || (trim($_SESSION['username'])=='')) { header("location: members_only_area.php"); exit(); } ?> <form action="change_password22.php"> password<input type="password" name="password"> new password<input type="password" name="newpassword"> confirm new password<input type="password" name="confirmnewpassword"> <input type="submit" value="Change Password"> </form> Quote Link to comment Share on other sites More sharing options...
xeronix Posted August 30, 2010 Share Posted August 30, 2010 I see no email box in that form, either that or my eyes are tired. Can you make a separate PHP file and have that echo each variable? Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted August 30, 2010 Share Posted August 30, 2010 I don't think that's the right form . . . Quote Link to comment Share on other sites More sharing options...
ethan89 Posted August 30, 2010 Author Share Posted August 30, 2010 Sure, I can do that, but I just realized that I gave you the wrong code. That's the second time today. I don't know what is wrong with me. Here it is: <form action="change_email.php"> Current Email: <input type="text" name="email"> New Email: <input type="text" name="newemail"> Confirm New Email: <input type="text" name="confirmnewemail"> <input type="submit" value="Change Email"> </form> Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted August 30, 2010 Share Posted August 30, 2010 When you submit the form, I'm sure you 'll notice the address in the browser suddenly has a string behind the URL something like /change_password.php?password=something&newpassword=something_else. That's because if you don't specify a method= in your form tag, the method defaults to GET whereas in the script, you're looking for POST variables coming in. All you should need to do to fix it is change the <form tag to <form action="change_password22.php" method="post"> Quote Link to comment Share on other sites More sharing options...
ethan89 Posted August 30, 2010 Author Share Posted August 30, 2010 Ohhhhhhhhhhhhhhhhhhh I was really concerned about the password being displayed at the top lol. Thanks for searching through my garbage code and finding my silly mistake! I really don't think I could ever spot that on my own . Thanks so much for helping me! I'll post again to tell you if it changes the password or not Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted August 30, 2010 Share Posted August 30, 2010 You're welcome. If it works, and the problem is solved, please remember to mark the topic solved using the button in the lower left corner of the page. If it still doesn't work, let me know! Quote Link to comment Share on other sites More sharing options...
xeronix Posted August 30, 2010 Share Posted August 30, 2010 I do think however you might want to look at hashing your password with a universal hash that you call in. This would help with security and browser sniffing greatly. Quote Link to comment Share on other sites More sharing options...
ethan89 Posted August 30, 2010 Author Share Posted August 30, 2010 Well, it's a big improvement that it doesn't show the info in the URL anymore, but instead of changing the password or making the password blank, now it just doesn't do anything and the password stays the same.. Maybe I can solve this on my own now that it's not hugely messed up anymore, but it would be cool if someone could tell me what's wrong . I will mark this as solved as soon as it's fixed. Quote Link to comment Share on other sites More sharing options...
ethan89 Posted August 30, 2010 Author Share Posted August 30, 2010 I thought about hashing but it seems complicated, because then I have to add a reset password thing instead of just sending them their password. Quote Link to comment Share on other sites More sharing options...
ethan89 Posted August 30, 2010 Author Share Posted August 30, 2010 Oh never mind, it works perfectly. I was doing something wrong when I tested it last time. Thanks so much guys. Solved Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted August 30, 2010 Share Posted August 30, 2010 I thought about hashing but it seems complicated, because then I have to add a reset password thing instead of just sending them their password. Correct, but it really is a much better way of doing it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.