eciym Posted March 1, 2007 Share Posted March 1, 2007 Hi I meekly ask for your help , I have been pawing away at this for a day now and can't get my head around it. it is supposed to change the value of the password for the current user. however upon clicking the submit button, it jumps back to the opening page/begging of the script without changing the password. First off i should say the code was converted from another function that registered new users, so if something looks wrong/idiotic/insane/ill contemplated, it is. I have tried to pluck out what I believe are the important bits. This has been like running around in the dark in a barbed wire factory. form page if($_POST['form_byttpass']) { print ' <h1>Ändra Lösenordet</H1> <form name="form1" method="post" action=""> <table border="0"> <tr> </tr> <tr> <td colspan="2"> <input type="hidden" name="register" value="true"> <input type="" name="id" value="'.$id.'"></td> <td>password:</td><td><input type="password" name="password" value=""></td> </tr> <tr> <td colspan="2" height="20px" valign="bottom" align="right"><input type="submit" name="Bytt" value="Ändra"></td> </tr> </table> </form>'; included as a file in form page. function byttpass($password) { $username = mysql_escape_string($id); $password = mysql_escape_string(md5($password)); $result=mysql_fetch_array(mysql_query("SELECT * FROM member WHERE id = '{$id}'"), MYSQL_ASSOC); $insert = mysql_query("INSERT INTO member VALUES ('', '', '$password', '', '', '')") or DIE ($this->query_error); $result = mysql_fetch_array(mysql_query("SELECT * FROM member WHERE id = '{$id}' AND password = '{$password}'"), MYSQL_ASSOC) or DIE ($this->query_error1); $this->message .= '<p>lösenord uppdaterade</p>'; $this->set_session($result,$remember,true); //log user on return true; } else { $this->message .= 'somfins gone broken'; return false; } Quote Link to comment Share on other sites More sharing options...
itsmeArry Posted March 1, 2007 Share Posted March 1, 2007 function byttpass($password) you are passing the password here ahere are you setting the $id I think $id is not having any value try echo the query for update you will get an idea. Quote Link to comment Share on other sites More sharing options...
eciym Posted March 2, 2007 Author Share Posted March 2, 2007 Ok after a lot more looking , still dont get the problem, the fuction will not connect with the database and gives the error message, mysql_connect i have even put the connection strings in the function but that hasnt helped. it echos all the variables and fails on INSERT. please if anybody has any idea why it's not working I would appreciate it. function byttpass($password) { $db = mysql_connect("localhost","user", "password") or die(mysql_error()); mysql_select_db("db",$db) or die(mysql_error()); echo "+++++ $db +++++"; $id = mysql_escape_string($id); $password = mysql_escape_string(md5($password)); echo "$id"; echo "$password"; $result=mysql_fetch_array(mysql_query("SELECT id, username, password, token, session, ip FROM member WHERE id = '{$id}'"), MYSQL_ASSOC); echo "$result"; $insert = mysql_query("INSERT INTO member VALUES ('', '', '$password', '', '', '')") or DIE ($this->query_error); $result = mysql_fetch_array(mysql_query("SELECT * FROM member WHERE id = '{$id}' AND password = '{$password}'"), MYSQL_ASSOC) or DIE ($this->query_error1); $this->message .= '<p>lösenord uppdaterade</p>'; $_POST = "UPPDATED"; $this->set_session($result,$remember,true); //log user on return true; Quote Link to comment Share on other sites More sharing options...
craygo Posted March 2, 2007 Share Posted March 2, 2007 Why would you be inserting something when you are trying to update. Try using an update query $insert = mysql_query("UPDATE member SET password = '".$password."' WHERE id = '".$id."'") or DIE ($this->query_error); Ray Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.