Jump to content


Photo

Update Password Code Not Working


  • Please log in to reply
6 replies to this topic

#1 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 25 September 2006 - 01:55 PM

Hello,

l have this code, but when l click submit nothing happens and l can't understand why l have checked to see if their is anything wrong and l can't put my finger on the problem.

#################
## Edit Password ##
#################

		if($_GET['change'] == 'pass'){
		// Have they submitted it to be changed?
				if(isset($_POST['epas'])){
				$oldPass = MD5($_POST['editopass']);
				$newPass = MD5($_POST['editnpass']);
				$cNewPass = MD5($_POST['editcnpass']);
				// Has the user entered the correct old password?
				$sql11 = "SELECT `m.id`,`m.password` FROM `users` WHERE `m.id` ='$mid' AND `m.password` ='$oldPass' ";
				$result11 = mysql_query($sql11) or die("Problem with the query: $sql11 <br>" . mysql_error());
				$users11 = mysql_num_rows($result11);
				if($users11 == 1){
								if( (!$newPass) || (!$cNewPass)  ) {
								echo '<p class="description">You did not submit the following required information!</p>';
								if(!$newPass){
								echo '<p class="description">New Password is a required field!</p>';
								}
								if(!$cNewPass){
								echo '<p class="description">Confirm New password is a required field.</p>';
								}
								exit();
								}
								// Do the 2 new passwords match?
								if("$newPass" !== "$cNewPass"){
								echo '<p class="description">New passwords do not match, please re-enter your new password</p';
								exit();
								}
							// The user has entered the right password
							
							// So update the pasword
				$sql13 = "UPDATE `users` SET `m.password` = '$cNewPass' WHERE `m.id` = '$mid' ";
				$result13 = mysql_query($sql13) or die(mysql_error());
					if($result13){
					?>
					<p class="description">Password updated succesfully!<br />
					<a href="profile.php">Back</a>
					</p>
					<?php
					}
				}
				}
				// Create the form
				?>
				<p class="description"> 
				<form action="<?php echo $PHP_SELF; ?>" method="post">	
				<label>Old Password: </label><input type="password" name="editopass" /><br />	
				<label>New Password: </label><input type="password" name="editnpass" /><br />
				<label>Confirm New Password: </label><input type="password" name="editcnpass" /><br />		
				<br />
				<input type="submit" name="epas" value="Change" /><br /><br />
				</form>
				</p>
				<?php
		}

Thanks,

dual_alliance



#2 obsidian

obsidian
  • Staff Alumni
  • Advanced Member
  • 3,202 posts
  • LocationSeattle, WA

Posted 25 September 2006 - 01:56 PM

well, your form is using the "post" action, but you're checking the $_GET global to see if the form has been submitted. change your code to check the $_POST array and see what you get.
You can't win, you can't lose, you can't break even... you can't even get out of the game.

<?php
while (count($life->getQuestions()) > 0)
{   $life->study(); } ?>
  LINKS: PHP: Manual MySQL: Manual PostgreSQL: Manual (X)HTML: Validate It! CSS: A List Apart | IE bug fixes | Zen Garden | Validate It! JavaScript: Reference Cards RegEx: Everything RegEx

#3 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 25 September 2006 - 02:01 PM

Well not really because higher above the code l have
if($_GET['act'] == edit){

And the link to change the password looks like:
<a href="profile.php?act=edit&change=pass">Edit Password</a><br />

I have used the same structure for editing signatures, avatars etc and they all work fine its just this code ???

#4 obsidian

obsidian
  • Staff Alumni
  • Advanced Member
  • 3,202 posts
  • LocationSeattle, WA

Posted 25 September 2006 - 02:11 PM

are your column names actually prefixed with "m."? you reference all your columns with that, but you're selecting from table 'users' in your query.
You can't win, you can't lose, you can't break even... you can't even get out of the game.

<?php
while (count($life->getQuestions()) > 0)
{   $life->study(); } ?>
  LINKS: PHP: Manual MySQL: Manual PostgreSQL: Manual (X)HTML: Validate It! CSS: A List Apart | IE bug fixes | Zen Garden | Validate It! JavaScript: Reference Cards RegEx: Everything RegEx

#5 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 25 September 2006 - 02:13 PM

Yes they are, my table is called "users" while the colums in my datebase are named "m.id, m.username, m.password, m.signature" etc...

#6 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 25 September 2006 - 03:57 PM

anyone...? :-\

#7 alpine

alpine
  • Members
  • PipPipPip
  • Advanced Member
  • 756 posts
  • LocationNorway

Posted 25 September 2006 - 03:59 PM

where do you get the $mid from then ???

WHERE `m.id` ='$mid'

You have no message shouting if $users11 found is other than "1"




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users