Conjurer Posted October 18, 2006 Share Posted October 18, 2006 I am working on revising some code from a book I am studying on PHP5 and MySQL - one piece isn't working - the part that lets a user reset their password.There are about four or five function calls involved so I have no idea at the moment where it is breaking down. Is there a way to put it in a debug mode so I can step through line by line to see where it is messed up? ??? Quote Link to comment Share on other sites More sharing options...
sanfly Posted October 18, 2006 Share Posted October 18, 2006 It really depends on the layout of your code. Try posting the code and can try and figure out what the best approach is Quote Link to comment Share on other sites More sharing options...
redarrow Posted October 18, 2006 Share Posted October 18, 2006 You best bet is to post the code but in saying that here a thort to consider.If a password is md5 encripted the the password can never be unencripted.the solution to the problam when a user lose there password is to get the user to enater there email address in a box then cheek the email addres aginst the database then update the users password with a random number then post that information to the user to there email address.when it comes to debuging if you got error all set in the php.ini then all bad bugs should show on the line that is wrong. Quote Link to comment Share on other sites More sharing options...
sanfly Posted October 18, 2006 Share Posted October 18, 2006 I think your jumping the gun a little here Redarrow. Conjurer has not mentioned anything about decr[color=red]y[/color]pting the password, and there are a number of places where the problem could lie, from generation of a new random password, or encr[color=red]y[/color]pting and entering a user defined password in the database, or any number of other things.I think the best thing to do here is to post the code and take a look Quote Link to comment Share on other sites More sharing options...
Conjurer Posted October 18, 2006 Author Share Posted October 18, 2006 Well it is supposed to work like Redarrow said, they enter the user name, it creates a new password in SHA1 format and mails to their email. But it isn't creating the password.I will try to piece together the functions and then post it here. Will take a bit.Thanks! Quote Link to comment Share on other sites More sharing options...
Barand Posted October 18, 2006 Share Posted October 18, 2006 [quote author=Conjurer link=topic=111955.msg454021#msg454021 date=1161212485]Is there a way to put it in a debug mode so I can step through line by line to see where it is messed up?[/quote]If you get an IDE like [url=http://www.nusphere.com]Nusphere PHPEd[/url] with an integrated debugger, yes Quote Link to comment Share on other sites More sharing options...
Conjurer Posted October 19, 2006 Author Share Posted October 19, 2006 I pulled together the pieces that are trying to run but not working. See Code below. Problem is I have no way to tell where it is bombing. When I click the link for forgot password I get the forgot password form, fill in the username for the test user and then I get two lines back: This is the username you sent: HoudiniYour password could not be reset - please try again later.And then a link back to the login form.It seems to be jumping to the following piece of code:[quote] catch (Exception $e) { echo 'Your password could not be reset - please try again later.'; }[/quote]How can I add some error checking things in the reset_password() function to help me make sure this part is working and see what is happening?Thanks![code]<?php require_once("bookmark_fns.php5"); do_html_header("Resetting password"); //called from output_fns // creating short variable name $username = $_POST['username'];echo 'This is the username you sent: ' .$username .'<br>'; // added by me for debugging try { $password = reset_password($username); //called from user_auth_fns.php5 -see below notify_password($username, $password); //called from user_auth_fns.php5 -see below echo 'Your new password has been emailed to you.<br />'; } catch (Exception $e) { echo 'Your password could not be reset - please try again later.'; } do_html_url('login.php5', 'Login'); //called from output_fns - jsut wraps Url in in href tag do_html_footer(); //called from output_fns - just closes body and html tag.?>Here are the relevent called functions:// bookmark_fns.php5 require_once('data_valid_fns.php5'); require_once('db_fns.php5'); require_once('user_auth_fns.php5'); require_once('output_fns.php5'); require_once('url_fns.php5');// functions from user_auth_fns.php5function reset_password($username)// set password for username to a random value// return the new password or false on failure{ // get a random dictionary word b/w 6 and 13 chars in length $new_password = get_random_word(6, 13); if($new_password==false) throw new Exception('Could not generate new password.'); // add a number between 0 and 999 to it // to make it a slightly better password srand ((double) microtime() * 1000000); $rand_number = rand(0, 999); $new_password .= $rand_number; // set user's password to this in database or return false $conn = db_connect(); $result = $conn->query( "update user set passwd = sha1('$new_password') where username = '$username'"); if (!$result) throw new Exception('Could not change password.'); // not changed else return $new_password; // changed successfully }function notify_password($username, $password)// notify the user that their password has been changed{ $conn = db_connect(); $result = $conn->query("select email from user where username='$username'"); if (!$result) { throw new Exception('Could not find email address.'); } else if ($result->num_rows==0) { throw new Exception('Could not find email address.'); // username not in db } else { $row = $result->fetch_object(); $email = $row->email; $from = "From: support@phpbookmark \r\n"; $mesg = "Your PHPBookmark password has been changed to $password \r\n" ."Please change it next time you log in. \r\n"; if (mail($email, 'PHPBookmark login information', $mesg, $from)) return true; else throw new Exception('Could not send email.'); }} [/code] Quote Link to comment Share on other sites More sharing options...
Conjurer Posted October 19, 2006 Author Share Posted October 19, 2006 I echoed out the $e error variable and get the following: [quote]'Exception' with message 'Could not generate new password.' in /home/consult/public_html/development/Testing/26/user_auth_fns.php5:124 Stack trace: #0 /home/consult/public_html/development/Testing/26/forgot_passwd.php5(10): reset_password('Houdini') #1 {main}[/quote]Does that mean line 124 of user_auth_fns is where the error happened? If so that would be where it tried to get a random dictionary word b/w 6 and 13 chars in length for the new password. Is this dictionary function maybe not loaded? If so, how would I find out, how would I load, or what is another approach here to generate a random password?So much to learn, so little time! ::)function reset_password($username)[code]116 function reset_password($username)117 // set password for username to a random value118 // return the new password or false on failure119 { 120 // get a random dictionary word b/w 6 and 13 chars in length121 $new_password = get_random_word(6, 13);122 123 if($new_password==false)124 throw new Exception('Could not generate new password.'); // <<<<<<<<<<<<Error Line!??125 // add a number between 0 and 999 to it126 // to make it a slightly better password127 srand ((double) microtime() * 1000000);128 $rand_number = rand(0, 999); 129 $new_password .= $rand_number; [/code] Quote Link to comment Share on other sites More sharing options...
Conjurer Posted October 19, 2006 Author Share Posted October 19, 2006 [b]Bingo![/b]Turns out get_random_word is a defined function in another part of the includes and it is looking for a dictionary to pull the word from.Now I just need to find the dictionary. But I would mark this resolved, if I knew how. ::) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.