Jump to content

Archived

This topic is now archived and is closed to further replies.

hannah

Change password form

Recommended Posts

I am trying to create a form so users can change their passwords. Obviously i am not writing the code right. I've tried like 20 different methods I got from the internet and books but still doesn't work. My server has PHP 5.0 so I donno what the deal is.
So this is called changepass.php which will be called after changepass01.html sends the form information there.

<?php

include 'connect.php';

$currentpass = $HTTP_POST_VARS['pass'];
$oldpass = $HTTP_POST_VARS['oldpass'];
$newpass = $HTTP_POST_VARS['newpass'];
$user = $HTTP_POST_VARS['user'];



if (empty($oldpass) || empty($newpass))
{
echo('<p><center><b>please enter BOTH your old and new passwords</b></p>');
exit();
}


elseif ($oldpass !== $currentpass)
{
echo('you entered an incorrect password, hit back to retry');
exit();
}


elseif ($oldpass == $currentpass)
{
$query="UPDATE memtb SET pass='$newpass' WHERE id='$user';";
$result =mysql_query($query);

if ($result)
echo mysql_affected_rows().' inserted into the DB';

exit();
}


?>


So what am I doing wrong? I found some people use
$query = "SELECT id FROM memtb WHERE (id='".$user."')"; somethin like that where you use periods I donno I tried doing that.. but then it doesn't update.

Please help! Thanks in advance :)

Share this post


Link to post
Share on other sites
This seems straight forward, but a quick question before we go any further...

What's the difference between $currentpass and $oldpass?

Regards
Huggie

Share this post


Link to post
Share on other sites
Don't use $HTTP_POST_VARS, use $_POST instead. When you enter the routine, dump what is coming from the form:
[code]<?php echo '<pre>' . print_r($_POST,true) . '</pre>'; [/code]

Ken

Share this post


Link to post
Share on other sites
[quote author=hannah link=topic=111090.msg449931#msg449931 date=1160495442]
So what am I doing wrong? I found some people use
$query = "SELECT id FROM memtb WHERE (id='".$user."')"; somethin like that where you use periods I donno I tried doing that.. but then it doesn't update.
[/quote]

The periods in that string connect a literal string (the part within the quotes) and a PHP variable.  The final string would be as follows:
[code]
<?php
...
$user = "MyName";
$query = "SELECT id FROM memtb WHERE (id='".$user."')";
echo $query;
...
?>
[/code]

Would output:
[code]
SELECT id FROM memtb WHERE (id='MyName')
[/code]

Now, for the problem that your having with your password change form, could you post the code in your changepass01.html?

Share this post


Link to post
Share on other sites
OMFG I finally made it work! Thank you all for your responses.
Huggiebear, yea I see ur point. I donno what the differences are. When i copied down the code the code provider did not show the form code so yea that was confusing. I cleared it up now.

kenrbnsn, you were right, I learned that $HTTP_POST_VARS is not auto-global. $_POST works much better. However i did not understand how to apply what you've suggested.

Anyways, here's the final code for anybody who wants to see it:

changepass.php
<?php

include 'connect.php';

$user=$_POST['user'];
$currentpass=$_POST['pass'];
$pass1=$_POST['oldpass'];
$pass2=$_POST['newpass'];

if (empty($pass) || empty($pass1))
{
echo('<p><center><b>please enter BOTH your old and new passwords</b></p>');
exit();
}


elseif ($pass1 == $pass2)
{
$query="UPDATE memtb SET pass='$newpass' WHERE id='$user';";
$result =mysql_query($query);

if ($result)
echo mysql_affected_rows().' inserted into the DB';

exit();
}


?>

changepass01.html
<form action="passchange.php" method="post">
<fieldset><legend>Enter your information in the form below:</legend>

<p><b>Login Name:</b> <input type="text" name="user" size="10" maxlength="20" /></p>

<p><b>Current Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p>

<p><b>New Password:</b> <input type="password" name="oldpass" size="20" maxlength="20" /></p>

<p><b>Confirm New Password:</b> <input type="password" name="newpass" size="20" maxlength="20" /></p>
</fieldset>

<div align="center"><input type="submit" name="submit" value="Change My Password" /></div>

</form>

what frustrates me, as a newbie, is how i struggled so hard to get here, and it really could have been prevented had the code providers have been giving accurate information.
Anyways, kudos to all you moderators and php geniuses. If i ever become as knowledgable as you guys, I'll be sure to give back.

www.greatlakesboatingfederation.org  <--I'm the web design intern there. Just wanted to throw that out.

Peace

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.