Glenskie Posted April 8, 2014 Share Posted April 8, 2014 For some reason I can get it to find the data and check if you submitted the correct old password but it will not update the new one? I'm not sure what to do next I have tried everything... <?php include 'header.php'; if (isset ($_POST['passupdate'])){ $pass = $_POST['pass']; $opass = $_POST['opass']; $db_passwordcheck = md5($opass); $db_password = md5($salt.$pass); $sql = mysql_query("SELECT * FROM members WHERE username='$username' AND password='$db_passwordcheck'"); $login_check = mysql_num_rows($sql); if($login_check > 0){ $updatepass = "UPDATE members SET password='$db_password' WHERE username=$username"; $result = mysql_query($updatepass); $congrats = "password updated."; }else{ $congrats = "wrong password try again..."; } } ?> <form class="form-1" method="POST"> <label for="opassword">Old Password: </label> <input id="opass" type="password" name="opass" placeholder="old password" /> <label for="password">New Password: </label> <input id="pass" type="password" name="pass" placeholder="new password" /> <input type="submit" id="passupdate" name="passupdate" value="Update Password" class="btn right" /> <?php print($congrats);?> </form> Quote Link to comment https://forums.phpfreaks.com/topic/287614-php-update-password/ Share on other sites More sharing options...
Ch0cu3r Posted April 8, 2014 Share Posted April 8, 2014 Where is $username defined? Quote Link to comment https://forums.phpfreaks.com/topic/287614-php-update-password/#findComment-1475407 Share on other sites More sharing options...
Glenskie Posted April 8, 2014 Author Share Posted April 8, 2014 (edited) its defined in header.php and so is $salt Edited April 8, 2014 by Glenskie Quote Link to comment https://forums.phpfreaks.com/topic/287614-php-update-password/#findComment-1475408 Share on other sites More sharing options...
Solution Ch0cu3r Posted April 8, 2014 Solution Share Posted April 8, 2014 (edited) $username in the update query should be wrapped in quotes $updatepass = "UPDATE members SET password='$db_password' WHERE username='$username'"; If the password is still not updating you'll want to check to see to see if mysql_query is failing due to an error, then use mysql_error to find out what the error is. Edited April 8, 2014 by Ch0cu3r Quote Link to comment https://forums.phpfreaks.com/topic/287614-php-update-password/#findComment-1475410 Share on other sites More sharing options...
MDCode Posted April 8, 2014 Share Posted April 8, 2014 ^ and shouldn't $db_passwordcheck be hashed with the salt too? Quote Link to comment https://forums.phpfreaks.com/topic/287614-php-update-password/#findComment-1475412 Share on other sites More sharing options...
Glenskie Posted April 8, 2014 Author Share Posted April 8, 2014 Thank you so much ! Quote Link to comment https://forums.phpfreaks.com/topic/287614-php-update-password/#findComment-1475413 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.