IamSuchANoob Posted March 11, 2011 Share Posted March 11, 2011 Hi all! I am very new to php and mysql world so I could need some help. I found this UCP php code to control a database, where we could find various userinfo. I edited it and for unknown reasons everything else works except the change password. Here is the NewPassword.php: <html> <body> <form action="Newpass.php" method="post"> <b><font size="4" color="#000080">Change your password! </font></b> <p>Old password <input type="password" name="P1" size="20" /> </p> <p>New Password <input type="password" name="P2" size="20" /></p> <p>Confirm New Password <input type="password" name="P3" size="20" /></p> <p> <input type="submit" /> <input type="reset" /> </p> <a href="Logged.php"">Go back</a> </form> </body> </html> And here is the Newpass.php <?php session_start(); $pass1 = $_POST["P1"]; $pass2 = $_POST["P2"]; $pass3 = $_POST["P3"]; $escpass1 = mysql_real_escape_string($pass3); $escpass2 = mysql_real_escape_string($pass3); $escpass3 = mysql_real_escape_string($pass3); $user = $_SESSION['Username']; if(!isset($_SESSION['Username'])) { echo('You are not logged in!'); echo '<a href="index.php"">Go back</a>'; die; } $escuser = mysql_real_escape_string($user); include("database.php"); $query = "SELECT * FROM playerinfo WHERE user = '$escuser'"; $result = mysql_query($query); $row = mysql_fetch_row($result); if (!$con) { die('Could not connect: ' . mysql_error()); } $username_exist = mysql_num_rows($result); if($username_exist == 0) { echo('That username does not exist'); echo '<a href="NewPassword.php"">Go back</a>'; die; } if($escpass1 !== $row[1]) { echo("Wrong old password!"); echo '<a href="New Password.php"">Go back</a>'; die; } if($escpass2 !== $escpass3) { echo("Your new passwords do not match!"); echo '<a href="NewPassword.php"">Go back</a>'; die; } $query = "UPDATE playerinfo SET password = '$escpass3' WHERE user= '$escuser'"; $result = mysql_query($query); echo 'Password Changed!'; $_SESSION['Password'] = $escpass3; echo '<a href="Logged.php"">Go back</a>'; ?> And database.php <?php $con = mysql_connect("edit","edit","edit"); mysql_select_db("edit"); //Remember that if you are using a external source, change the login info (mysql_connect(server[],user[],pass[]); ?> I edited the user/pw for obvious reasons. So the problem itself: Whatever I insert in password box I get this in return: Warning: mysql_real_escape_string(): Access denied for user ''@'localhost' (using password: NO) in /home/crpnet/domains/c-rp.net/public_html/blankUCP/Newpass.php on line 6 Warning: mysql_real_escape_string(): A link to the server could not be established in /home/crpnet/domains/c-rp.net/public_html/blankUCP/Newpass.php on line 6 Warning: mysql_real_escape_string(): Access denied for user 'crpnet'@'localhost' (using password: NO) in /home/crpnet/domains/c-rp.net/public_html/blankUCP/Newpass.php on line 7 Warning: mysql_real_escape_string(): A link to the server could not be established in /home/crpnet/domains/c-rp.net/public_html/blankUCP/Newpass.php on line 7 Warning: mysql_real_escape_string(): Access denied for user 'crpnet'@'localhost' (using password: NO) in /home/crpnet/domains/c-rp.net/public_html/blankUCP/Newpass.php on line 8 Warning: mysql_real_escape_string(): A link to the server could not be established in /home/crpnet/domains/c-rp.net/public_html/blankUCP/Newpass.php on line 8 Warning: mysql_real_escape_string(): Access denied for user 'crpnet'@'localhost' (using password: NO) in /home/crpnet/domains/c-rp.net/public_html/blankUCP/Newpass.php on line 16 Warning: mysql_real_escape_string(): A link to the server could not be established in /home/crpnet/domains/c-rp.net/public_html/blankUCP/Newpass.php on line 16 That username does not existGo back Link to comment https://forums.phpfreaks.com/topic/230344-phpmysql-help/ Share on other sites More sharing options...
Pikachu2000 Posted March 11, 2011 Share Posted March 11, 2011 You have to have established your database connection before using mysql_real_escape_string(). Move the file inclusion to the top of the script. Link to comment https://forums.phpfreaks.com/topic/230344-phpmysql-help/#findComment-1186186 Share on other sites More sharing options...
IamSuchANoob Posted March 11, 2011 Author Share Posted March 11, 2011 You have to have established your database connection before using mysql_real_escape_string(). Move the file inclusion to the top of the script. Thank you so much! Link to comment https://forums.phpfreaks.com/topic/230344-phpmysql-help/#findComment-1186193 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.