Jump to content

Change password... Doesnt seem to work, just resets password

nexuzkid

By nexuzkid
in PHP Coding Help

 Share

Recommended Posts

nexuzkid Newbie

nexuzkid

Posted
Posted

Hello PhP Freaks forum

In the past weeks ive been trying to make a website, where you can register. Everything seems to work except my cherished Change password feature. Everytime you try to change the password, it just resets it to nothing.

 

Here is the code below.

 

<?php

if(isset($_SESSION['username']))

{

$username = $_SESSION['username'];

$lastname = $_SESSION['lastname'];

$firstname = $_SESSION['firstname'];

$email = $_SESSION['email'];

 

echo "

 

<h4>Options for:</h4>   $username

<br />

<br />

First name:   $firstname

 

<br />Last name:   $lastname

 

<br /><br /><h3>Want to change your password:</h3><br />

 

<form action='?do=option' method='post'>

 

Old password <input type='password' placeholder='Has to be between 5-15 digits' name='password' size='30' value='' /><br />

<br />

New Password<input type='password' placeholder='Has to be between 5-15 digits' name='newpass' size='30' value='' /><br />

<br />

Confirm new password <input type='password' placeholder='Has to be between 5-15 digits' name='passconf' size='30' value='' /><br />

 

<center></div><input type='submit' value='Submit'/></center></form>";

 

 

}else{

echo 'Please login to view your options!';

}

 

$password = $_REQUEST['password'];

$pass_conf = $_REQUEST['newpass'];

$email = $_REQUEST['passconf'];

 

$connect = mysql_connect("Host", "User", "Password");

if(!$connect){

die(mysql_error());

}

 

//Selecting database

$select_db = mysql_select_db("My Database", $connect);

if(!$select_db){

die(mysql_error());

}

 

//Find if entered data is correct

 

$result = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");

$row = mysql_fetch_array($result);

$id = $row['id'];

 

 

mysql_query("UPDATE users SET password='$newpass' WHERE username='$user'")

 

?>

 

And i do know that i dont have a

 

if(Empty($newpass)){

Die(Please fill out the new password)                                                 

}

 

Or any security on the others, but the problem just seems that it resets the password into nothing

 

Hope i can get this fixed :)

 

Best Regards

 

William Pfaffe

kicken Prolific Member

kicken

Posted
Posted

Nice spotted, but just tried it and it still resets the password into nothing. Thanks for reminding me of that spelling fail tho

 

$newpass is also undefined, so essentially your setting it to an empty string.  You probably want $pass_conf.

blacknight Member

blacknight

Posted
Posted

gotta watch the name of your var's

 

$pass_conf = $_REQUEST['newpass'];

$email = $_REQUEST['passconf'];

should be

$pass_new = $_REQUEST['newpass'];

$pass_conf = $_REQUEST['passconf'];

 

or add in 

if (isset($pass_conf) && $pass_conf !='' && isset($pass_new) && $pass_new !='')
{
if ($pass_conf == $pass_new)
{
$newpass = md5($pass_conf)
}
else
{
echo 'your passwords no not match';
}
}
else
{
echo ' one or more of your passwords are blank';
}

 

this is long code but it make sure the passwords are set lol

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.