Timeth Posted July 22, 2012 Share Posted July 22, 2012 Hi there. Im in the process of making a browser based game. Ive sucessfully made a signup, login and logout script. Im now working on a password reset and change password script. The password reset gave me a few difficulties but I managed to solve them. However, the change password one has been driving me mad for hours now. Its probably something pathetic that i'm overlooking but could someone point out any errors please. <?php require_once("inc/common.inc.php"); db_connect(); $login_name = trim(mysql_escape_string((string)$_POST['login_name'])); db("select * from user_accounts where login_name = '$login_name'"); $pass = dbr(); $userPass = $pass['passwd']; $oldPassEnc = md5($_POST[oldpass]); $newPassEnc = md5($_POST[newpass]); $newPassEnc2 = md5($_POST[newpass2]); if ($oldPassEnc != $userPass) { echo "The old password is not correct!<br><br>"; echo "<a href=options2.php>Go back</a><br>"; exit(); } elseif ($newPassEnc != $newPassEnc2) { echo "Your new password did not match!<br><br>"; echo "<a href=options2.php>Go back</a><br>"; exit(); } elseif ($newPassEnc === $oldPassEnc || $newPassEnc === $userPass) { //make sure it's not the same as the old one. echo "Really. You want your new pass to be the same as your old one? Are you just wasting my bandwith?"; echo "<p><a href=options2.php>Go back</a>"; exit(); } else { dbn("update user_accounts set passwd = $newPassEnc where login_name = " . $pass['login_name']); echo "<p>Password changed successfully</p>"; echo "<a href=game_listing.php>Go back to game list</a><br>"; exit(); insert_history($pass['login_id'], "Password Changed"); } include("footer2.php"); ?> the error im getting is "The old password is not correct" so I know that it's something to do with the SQL query and referencing the input for old password, but I just can't spot the mistake. Cheers Link to comment https://forums.phpfreaks.com/topic/266080-problem-with-a-change-password-script/ Share on other sites More sharing options...
Pikachu2000 Posted July 22, 2012 Share Posted July 22, 2012 Do you php have error reporting set up and enabled with the following directives in your php.ini? error_reporting = -1 display_errors = On Link to comment https://forums.phpfreaks.com/topic/266080-problem-with-a-change-password-script/#findComment-1363486 Share on other sites More sharing options...
Timeth Posted July 22, 2012 Author Share Posted July 22, 2012 according to the webspace provider display_errors = on error_reporting = no value Link to comment https://forums.phpfreaks.com/topic/266080-problem-with-a-change-password-script/#findComment-1363488 Share on other sites More sharing options...
Pikachu2000 Posted July 22, 2012 Share Posted July 22, 2012 Add this immediately after your opening <?php tag and see if any errors are generated. error_reporting(-1); ini_set('display_errors', 'On'); Link to comment https://forums.phpfreaks.com/topic/266080-problem-with-a-change-password-script/#findComment-1363489 Share on other sites More sharing options...
Timeth Posted July 22, 2012 Author Share Posted July 22, 2012 none, exactly same as before. Its either not selecting the old password from the db or not reading the inputed old password field Link to comment https://forums.phpfreaks.com/topic/266080-problem-with-a-change-password-script/#findComment-1363491 Share on other sites More sharing options...
Timeth Posted July 22, 2012 Author Share Posted July 22, 2012 wait, I was wrong. That is a snippet of code, above that is page layout (header, menu etc) I put your little code at the beggining of the file, nothing changed, then put it midway through where the results are checked and got this: Notice: Use of undefined constant oldpass - assumed 'oldpass' in /homepages/33/d423643087/htdocs/se/changepass.php on line 112 Notice: Use of undefined constant newpass - assumed 'newpass' in /homepages/33/d423643087/htdocs/se/changepass.php on line 113 Notice: Use of undefined constant newpass2 - assumed 'newpass2' in /homepages/33/d423643087/htdocs/se/changepass.php on line 114 Link to comment https://forums.phpfreaks.com/topic/266080-problem-with-a-change-password-script/#findComment-1363495 Share on other sites More sharing options...
xyph Posted July 22, 2012 Share Posted July 22, 2012 Have you verified the contents (echo, var_dump) of $userPass before checking it against $oldPassEnc? Have you made sure that your query isn't returning 0 rows? Link to comment https://forums.phpfreaks.com/topic/266080-problem-with-a-change-password-script/#findComment-1363499 Share on other sites More sharing options...
Timeth Posted July 22, 2012 Author Share Posted July 22, 2012 was: $userPass = $pass[passwd]; $oldPassEnc = md5($_POST[oldpass]); $newPassEnc = md5($_POST[newpass]); $newPassEnc2 = md5($_POST[newpass2]); changed to: $userPass = $pass['passwd']; $oldPassEnc = md5($_POST['oldpass']); $newPassEnc = md5($_POST['newpass']); $newPassEnc2 = md5($_POST['newpass2']); no more undefined constant errors, but still getting old password is not correct when i know 100% the password inputted is the correct password Link to comment https://forums.phpfreaks.com/topic/266080-problem-with-a-change-password-script/#findComment-1363500 Share on other sites More sharing options...
Timeth Posted July 22, 2012 Author Share Posted July 22, 2012 thanks xyph, its not returning anything so therefore will always be wrong. Will let you know when its fixed Link to comment https://forums.phpfreaks.com/topic/266080-problem-with-a-change-password-script/#findComment-1363505 Share on other sites More sharing options...
Pikachu2000 Posted July 22, 2012 Share Posted July 22, 2012 What does your db() function do? Whatever value it's returning isn't assigned to anything. Link to comment https://forums.phpfreaks.com/topic/266080-problem-with-a-change-password-script/#findComment-1363506 Share on other sites More sharing options...
Timeth Posted July 22, 2012 Author Share Posted July 22, 2012 Ok, now my query is returning a value, but im still getting an error. The previous issue was a typo on the form input page. However the error i'm now getting is: ERROR! Unknown column 'Timeth' in 'where clause' BACKTRACE array(2) { [0]=> array(4) { ["file"]=> string(53) "/homepages/33/d423643087/htdocs/se/inc/common.inc.php" ["line"]=> int(132) ["function"]=> string(5) "dbDie" ["args"]=> array(0) { } } [1]=> array(4) { ["file"]=> string(49) "/homepages/33/d423643087/htdocs/se/changepass.php" ["line"]=> int(108) ["function"]=> string(2) "db" ["args"]=> array(1) { [0]=> &string(53) "select * from user_accounts where login_name = Timeth" } } } Link to comment https://forums.phpfreaks.com/topic/266080-problem-with-a-change-password-script/#findComment-1363513 Share on other sites More sharing options...
Timeth Posted July 22, 2012 Author Share Posted July 22, 2012 and pika, my db() function is: function db($string) { global $db_func_query, $database_link; $db_func_query = mysql_query($string, $database_link) or dbDie(); } Link to comment https://forums.phpfreaks.com/topic/266080-problem-with-a-change-password-script/#findComment-1363514 Share on other sites More sharing options...
xyph Posted July 22, 2012 Share Posted July 22, 2012 You need to quote strings in MySQL queries. Link to comment https://forums.phpfreaks.com/topic/266080-problem-with-a-change-password-script/#findComment-1363521 Share on other sites More sharing options...
Timeth Posted July 22, 2012 Author Share Posted July 22, 2012 yep, all sorted now. Been a very long day... thanks for help guys Link to comment https://forums.phpfreaks.com/topic/266080-problem-with-a-change-password-script/#findComment-1363525 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.