Ryanlawrence1 Posted June 9, 2007 Share Posted June 9, 2007 The Error reads as: Warning: mysql_affected_rows(): supplied argument is not a valid MySQL-Link resource in /home/themepar/public_html/changepass.php on line 20 You have not entered all the fields Warning: mysql_affected_rows(): supplied argument is not a valid MySQL-Link resource in /home/themepar/public_html/changepass.php on line 35 Sorry You failed to enter the correct old password The Code is as: <?php session_start(); if (!isset($_SESSION['s_username'])) { header("Location: login.php"); } ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Change Pass</title> </head> <body> <?php // Mysql include ('mysql_connect.php'); // $oldpass=$_POST['oldpass']; $newpass=$_POST['newpass']; $cnewpass=$_POST['cnewpass']; $numrows = mysql_affected_rows($res); // if (($oldpass==NULL)||( $newpass==NULL)||( $cnewpass==NULL)) { echo "You have not entered all the fields"; }else{ exit(); } // if($newpass!=$cnewpass) { echo "Passwords do not match"; } else { } // $sql = "UPDATE users SET password = '".md5($newpass)."' WHERE username = '".$_SESSION['s_username']."' AND password = '".md5($oldpass)."' "; $res = mysql_query($sql,$dbc) or die (mysql_error()); $numrows = mysql_affected_rows($res); if ($numrows >0) { echo "your password has been changed "; } else { echo "Sorry You failed to enter the correct old password"; } mysql_query($sql,$dbc) or die (mysql_error()); ?> Could Someone help please? Quote Link to comment Share on other sites More sharing options...
refiking Posted June 9, 2007 Share Posted June 9, 2007 You have code $numrows = mysql_affected_rows($res); there twice. Let me show you $cnewpass=$_POST['cnewpass']; [b]$numrows = mysql_affected_rows($res);[/b] // if (($oldpass==NULL)||( $newpass==NULL)||( $cnewpass==NULL)) { echo "You have not entered all the fields"; }else{ exit(); } // if($newpass!=$cnewpass) { echo "Passwords do not match"; } else { } // $sql = "UPDATE users SET password = '".md5($newpass)."' WHERE username = '".$_SESSION['s_username']."' AND password = '".md5($oldpass)."' "; $res = mysql_query($sql,$dbc) or die (mysql_error()); [b]$numrows = mysql_affected_rows($res);[/b] if ($numrows >0) { The first time, you hadn't even defined $res. So, delete the first one and it should work. Quote Link to comment Share on other sites More sharing options...
Ryanlawrence1 Posted June 9, 2007 Author Share Posted June 9, 2007 Still has not worked i am afraid, I now have: You have not entered all the fields Warning: mysql_affected_rows(): supplied argument is not a valid MySQL-Link resource in /home/themepar/public_html/changepass.php on line 34 Sorry You failed to enter the correct old password Quote Link to comment Share on other sites More sharing options...
simcoweb Posted June 9, 2007 Share Posted June 9, 2007 Change this: $numrows = mysql_affected_rows($res); to this: $numrows = mysql_affected_rows($dbc); and that error should go away. That is, of course, determined by the fact that $dbc defines your database connection parameters. Quote Link to comment Share on other sites More sharing options...
Ryanlawrence1 Posted June 9, 2007 Author Share Posted June 9, 2007 Yay, Thanks That problem is solved, Right, For some reason i have You have not entered all the fieldsSorry You failed to enter the correct old password, at the top now, Please help! Quote Link to comment Share on other sites More sharing options...
simcoweb Posted June 9, 2007 Share Posted June 9, 2007 if (($oldpass==NULL)||( $newpass==NULL)||( $cnewpass==NULL)) { echo "You have not entered all the fields"; }else{ exit(); } // if($newpass!=$cnewpass) { echo "Passwords do not match"; } else { } In each of those if/else statements you don't set any rules for the 'else' part. What they are saying is IF these don't match echo the error but IF they do match then do...... ? Quote Link to comment Share on other sites More sharing options...
Ryanlawrence1 Posted June 9, 2007 Author Share Posted June 9, 2007 So I have them the wrong way round? Quote Link to comment Share on other sites More sharing options...
simcoweb Posted June 9, 2007 Share Posted June 9, 2007 In the first one: if (($oldpass==NULL)||( $newpass==NULL)||( $cnewpass==NULL)) { echo "You have not entered all the fields"; }else{ exit(); } you're telling it to check that those have been set or 'not empty' basically. But, IF they ARE set you're telling the script to 'exit'. In the 2nd one: // if($newpass!=$cnewpass) { echo "Passwords do not match"; } else { } you're saying that IF the DON'T match then echo the error but IF THEY DO MATCH you're telling it to do nothing. That 2nd curly bracket should be below all the code you want to execute IF they DO MATCH. Quote Link to comment Share on other sites More sharing options...
Ryanlawrence1 Posted June 9, 2007 Author Share Posted June 9, 2007 I get what you mean about the 2 one, But the 1'st one i do not know what to put, Quote Link to comment Share on other sites More sharing options...
simcoweb Posted June 9, 2007 Share Posted June 9, 2007 You've got the right idea but just need to carry forward what happens if everything checks out. I doubt seriously if you want to exit the script if, indeed, the fields match properly. You might try it like this: $errors = array(); if (empty($_POST['oldpass']) || empty($_POST['newpass']) || empty($_POST['cnewpass'])) { $errors[] = "You did not complete all the password fields. Please try again."; } else { $newpass = $_POST['newpass']; $cnewpass = $_POST['cnewpass']; if ($newpass != $cnewpass) { $errors[] = "The new password and confirm password fields do not match. Please try again"; } else { //execute all your good code here since it's passed all the tests } } For the errors, you want those to display somewhere in the page probably above the form. So, you'd insert this code in there: <? // Loop through all errors if(!empty($errors)) { ?> <ul> <? foreach($errors as $message) { ?> <li id='errorMess'><?= @$message ?></li> <? } ?> </ul> <? } ?> You don't have to stretch it out quite like that but I was feeling lazy. This will loop through the $errors array and display the error messages. The basic principal of the if/else is IF this condition IS NOT met then DO THIS. Quote Link to comment Share on other sites More sharing options...
Ryanlawrence1 Posted June 9, 2007 Author Share Posted June 9, 2007 Hey, Well theres no errors, But for some reason when I press submit it does nothing, <?php // Mysql include ('mysql_connect.php'); // $oldpass=$_POST['oldpass']; $newpass=$_POST['newpass']; $cnewpass=$_POST['cnewpass']; // $errors = array(); if (empty($_POST['oldpass']) || empty($_POST['newpass']) || empty($_POST['cnewpass'])) { $errors[] = "You did not complete all the password fields. Please try again."; } else { $newpass = $_POST['newpass']; $cnewpass = $_POST['cnewpass']; if ($newpass != $cnewpass) { $errors[] = "The new password and confirm password fields do not match. Please try again"; } else { //execute all your good code here since it's passed all the tests $sql = "UPDATE users SET password = '".md5($newpass)."' WHERE username = '".$_SESSION['s_username']."' AND password = '".md5($oldpass)."' "; $res = mysql_query($sql,$dbc) or die (mysql_error()); $numrows = mysql_affected_rows($dbc); if ($numrows >0) { echo "your password has been changed "; } else { } echo "Sorry You failed to enter the correct old password"; } mysql_query($sql,$dbc) or die (mysql_error()); } // ?> Codes that now, Btw. Quote Link to comment Share on other sites More sharing options...
simcoweb Posted June 9, 2007 Share Posted June 9, 2007 Heh, well, make sure that those $_POST['blah'] fields I used in the example match the names of your form fields. My sample was just that..a sample. Quote Link to comment Share on other sites More sharing options...
Ryanlawrence1 Posted June 10, 2007 Author Share Posted June 10, 2007 It looks all right to me, Quote Link to comment Share on other sites More sharing options...
simcoweb Posted June 10, 2007 Share Posted June 10, 2007 Post your form code just to be sure. Quote Link to comment Share on other sites More sharing options...
Ryanlawrence1 Posted June 10, 2007 Author Share Posted June 10, 2007 Whole Code: Can other people help please? <?php session_start(); if (!isset($_SESSION['s_username'])) { header("Location: login.php"); } ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Change Pass</title> </head> <body> <?php // Mysql include ('mysql_connect.php'); // $oldpass=$_POST['oldpass']; $newpass=$_POST['newpass']; $cnewpass=$_POST['cnewpass']; // $errors = array(); if (empty($_POST['oldpass']) || empty($_POST['newpass']) || empty($_POST['cnewpass'])) { $errors[] = "You did not complete all the password fields. Please try again."; } else { $newpass = $_POST['newpass']; $cnewpass = $_POST['cnewpass']; if ($newpass != $cnewpass) { $errors[] = "The new password and confirm password fields do not match. Please try again"; } else { //execute all your good code here since it's passed all the tests $sql = "UPDATE users SET password = '".md5($newpass)."' WHERE username = '".$_SESSION['s_username']."' AND password = '".md5($oldpass)."' "; $res = mysql_query($sql,$dbc) or die (mysql_error()); $numrows = mysql_affected_rows($dbc); if ($numrows >0) { echo "your password has been changed "; } else { } echo "Sorry You failed to enter the correct old password"; } mysql_query($sql,$dbc) or die (mysql_error()); } // ?> <div align="center"> <table width="326" height="124" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="143"><div align="center">Change Your Pass: </div></td> </tr> <tr> <td><div align="right">Old Password: <input name="oldpass" type="password" id="oldpass" value=""> </div></td> </tr> <tr> <td><div align="right">New Password: <input name="newpass" type="password" id="newpass"> </div></td> </tr> <tr> <td><div align="right">Confirm New Password: <input name="cnewpass" type="password" id="cnewpass"> </div></td> </tr> <tr> <td><div align="center"> <input name="submit" type="submit" id="submit" value="Submit"> </div></td> </tr> <tr> <td><? // Loop through all errors if(!empty($errors)) { ?> <ul> <? foreach($errors as $message) { ?> <li id='errorMess'><?= @$message ?></li> <? } ?> </ul> <? } ?> </td> </tr> </table> <form name="form1" method="post"> </form> </div> </body> </html> Quote Link to comment Share on other sites More sharing options...
Ryanlawrence1 Posted June 10, 2007 Author Share Posted June 10, 2007 Sorry to double post, But I sorted that error, I just realised that the Form was not around the feilds, Now for some reason i9 have this at the bottom: You did not complete all the password fields. Please try again. When I have not even entered anything yet, And When I do everything correct it changes the password but comes up with this at the top: your password has been changed Sorry You failed to enter the correct old password Can Someone Help Please? Code: <?php session_start(); if (!isset($_SESSION['s_username'])) { header("Location: login.php"); } ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Change Pass</title> </head> <body> <?php // Mysql include ('mysql_connect.php'); // $oldpass=$_POST['oldpass']; $newpass=$_POST['newpass']; $cnewpass=$_POST['cnewpass']; // $errors = array(); if (empty($_POST['oldpass']) || empty($_POST['newpass']) || empty($_POST['cnewpass'])) { $errors[] = "You did not complete all the password fields. Please try again."; } else { $newpass = $_POST['newpass']; $cnewpass = $_POST['cnewpass']; if ($newpass != $cnewpass) { $errors[] = "The new password and confirm password fields do not match. Please try again"; } else { //execute all your good code here since it's passed all the tests $sql = "UPDATE users SET password = '".md5($newpass)."' WHERE username = '".$_SESSION['s_username']."' AND password = '".md5($oldpass)."' "; $res = mysql_query($sql,$dbc) or die (mysql_error()); $numrows = mysql_affected_rows($dbc); if ($numrows >0) { echo "your password has been changed "; } else { } echo "Sorry You failed to enter the correct old password"; } mysql_query($sql,$dbc) or die (mysql_error()); } // ?> <div align="center"> <form name="form1" method="post"> <table width="326" height="124" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="143"><div align="center">Change Your Pass: </div></td> </tr> <tr> <td><div align="right">Old Password: <input name="oldpass" type="password" id="oldpass" value=""> </div></td> </tr> <tr> <td><div align="right">New Password: <input name="newpass" type="password" id="newpass"> </div></td> </tr> <tr> <td><div align="right">Confirm New Password: <input name="cnewpass" type="password" id="cnewpass"> </div></td> </tr> <tr> <td><div align="center"> <input name="submit" type="submit" id="submit" value="Submit"> </div></td> </tr> <tr> <td><? // Loop through all errors if(!empty($errors)) { ?> <ul> <? foreach($errors as $message) { ?> <li id='errorMess'> <?= @$message ?> </li> <? } ?> </ul> <? } ?> </td> </tr> </table> </form> </div> </body> </html> Quote Link to comment Share on other sites More sharing options...
mmarif4u Posted June 10, 2007 Share Posted June 10, 2007 1st of all ur code is ready for sql injections, so try these for preventing injections. $oldpass=mysql_real_escape_string($_POST['oldpass']); $newpass=mysql_real_escape_string($_POST['newpass']); $cnewpass=mysql_real_escape_string($_POST['cnewpass']); other u define ur variables from form twice may i know why: Here.. else { $newpass = $_POST['newpass']; $cnewpass = $_POST['cnewpass']; if ($newpass != $cnewpass) { These varaibles u define already above. Other there is no else statement to insert record to db. Look at ur this code: session_start(); if (!isset($_SESSION['s_username'])) { header("Location: login.php"); } After that i did not see any else statement to do the job. Ok try this: session_start(); if (!isset($_SESSION['s_username'])) { header("Location: login.php"); }else { rest of the code... echo "Sorry You failed to enter the correct old password"; } mysql_query($sql,$dbc) or die (mysql_error()); } } // ?> Hope this will help u. Quote Link to comment Share on other sites More sharing options...
Ryanlawrence1 Posted June 10, 2007 Author Share Posted June 10, 2007 The Top bit is fine, It works on all other pages... Quote Link to comment Share on other sites More sharing options...
mmarif4u Posted June 10, 2007 Share Posted June 10, 2007 Please try my suggestion as i write the code. Quote Link to comment Share on other sites More sharing options...
Ryanlawrence1 Posted June 10, 2007 Author Share Posted June 10, 2007 Why is there a random echo in it? I don't know why I have to do that, BTW: I have this error comeing up above the forms: your password has been changed Sorry You failed to enter the correct old password When it should only be Your Password has been changed, Please take a look: <?php session_start(); if (!isset($_SESSION['s_username'])) { header("Location: login.php"); } ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Change Pass</title> </head> <body> <?php // Mysql include ('mysql_connect.php'); // $oldpass=mysql_real_escape_string($_POST['oldpass']); $newpass=mysql_real_escape_string($_POST['newpass']); $cnewpass=mysql_real_escape_string($_POST['cnewpass']); // $errors = array(); if (!isset($_POST['oldpass']) || !isset($_POST['newpass']) || !isset($_POST['cnewpass'])) { $errors[] = "You did not complete all the password fields. Please try again."; } else { if ($newpass != $cnewpass) { $errors[] = "The new password and confirm password fields do not match. Please try again"; } else { //execute all your good code here since it's passed all the tests $sql = "UPDATE users SET password = '".md5($newpass)."' WHERE username = '".$_SESSION['s_username']."' AND password = '".md5($oldpass)."' "; $res = mysql_query($sql,$dbc) or die (mysql_error()); $numrows = mysql_affected_rows($dbc); if ($numrows >0) { echo "your password has been changed "; } else { } echo "Sorry You failed to enter the correct old password"; } mysql_query($sql,$dbc) or die (mysql_error()); } // ?> <div align="center"> <form name="form1" method="post"> <table width="326" height="124" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="143"><div align="center">Change Your Pass: </div></td> </tr> <tr> <td><div align="right">Old Password: <input name="oldpass" type="password" id="oldpass" value=""> </div></td> </tr> <tr> <td><div align="right">New Password: <input name="newpass" type="password" id="newpass"> </div></td> </tr> <tr> <td><div align="right">Confirm New Password: <input name="cnewpass" type="password" id="cnewpass"> </div></td> </tr> <tr> <td><div align="center"> <input name="submit" type="submit" id="submit" value="Submit"> </div></td> </tr> <tr> <td><? // Loop through all errors if(!empty($errors)) { ?> <ul> <? foreach($errors as $message) { ?> <li id='errorMess'> <?= @$message ?> </li> <? } ?> </ul> <? } ?> </td> </tr> </table> </form> </div> </body> </html> Quote Link to comment Share on other sites More sharing options...
mmarif4u Posted June 10, 2007 Share Posted June 10, 2007 Change this: $sql = "UPDATE users SET password = '".md5($newpass)."' WHERE username = '".$_SESSION['s_username']."' AND password = '".md5($oldpass)."' "; $res = mysql_query($sql,$dbc) or die (mysql_error()); $numrows = mysql_affected_rows($dbc); if ($numrows >0) { echo "your password has been changed "; } else { } echo "Sorry You failed to enter the correct old password"; } mysql_query($sql,$dbc) or die (mysql_error()); } To this: $sql = "UPDATE users SET password = '".md5($newpass)."' WHERE username = '".$_SESSION['s_username']."' AND password = '".md5($oldpass)."' "; $res = mysql_query($sql,$dbc) or die (mysql_error()); $numrows = mysql_affected_rows($dbc); if ($numrows >0) { echo "your password has been changed "; } else { echo "Sorry You failed to enter the correct old password"; } mysql_query($sql,$dbc) or die (mysql_error()); } Quote Link to comment Share on other sites More sharing options...
Ryanlawrence1 Posted June 10, 2007 Author Share Posted June 10, 2007 Now I have this error: Parse error: syntax error, unexpected $end in /home/themepar/public_html/changepass.php on line 98 Quote Link to comment Share on other sites More sharing options...
Ryanlawrence1 Posted June 10, 2007 Author Share Posted June 10, 2007 Sorry to double post but can someone help me please!!!! Quote Link to comment Share on other sites More sharing options...
AndyB Posted June 10, 2007 Share Posted June 10, 2007 That particular error is caused because you have an unclosed loop - somewhere you're missing a closing curly brace } If you can't find that error, I think it would be a really good idea to post the present version of your code as it appears to have undergone major surgery in this thread. Quote Link to comment Share on other sites More sharing options...
Ryanlawrence1 Posted June 10, 2007 Author Share Posted June 10, 2007 I cannot find the open bracket, So here is the full code: <?php session_start(); if (!isset($_SESSION['s_username'])) { header("Location: login.php"); } ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Change Pass</title> </head> <body> <?php // Mysql include ('mysql_connect.php'); // $oldpass=mysql_real_escape_string($_POST['oldpass']); $newpass=mysql_real_escape_string($_POST['newpass']); $cnewpass=mysql_real_escape_string($_POST['cnewpass']); // $errors = array(); if (!isset($_POST['oldpass']) || !isset($_POST['newpass']) || !isset($_POST['cnewpass'])) { $errors[] = "You did not complete all the password fields. Please try again."; } else { if ($newpass != $cnewpass) { $errors[] = "The new password and confirm password fields do not match. Please try again"; } else { //execute all your good code here since it's passed all the tests $sql = "UPDATE users SET password = '".md5($newpass)."' WHERE username = '".$_SESSION['s_username']."' AND password = '".md5($oldpass)."' "; $res = mysql_query($sql,$dbc) or die (mysql_error()); $numrows = mysql_affected_rows($dbc); if ($numrows >0) { echo "your password has been changed "; } else { echo "Sorry You failed to enter the correct old password"; } mysql_query($sql,$dbc) or die (mysql_error()); } // ?> <div align="center"> <form name="form1" method="post"> <table width="326" height="124" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="143"><div align="center">Change Your Pass: </div></td> </tr> <tr> <td><div align="right">Old Password: <input name="oldpass" type="password" id="oldpass" value=""> </div></td> </tr> <tr> <td><div align="right">New Password: <input name="newpass" type="password" id="newpass"> </div></td> </tr> <tr> <td><div align="right">Confirm New Password: <input name="cnewpass" type="password" id="cnewpass"> </div></td> </tr> <tr> <td><div align="center"> <input name="submit" type="submit" id="submit" value="Submit"> </div></td> </tr> <tr> <td><? // Loop through all errors if(!empty($errors)) { ?> <ul> <? foreach($errors as $message) { ?> <li id='errorMess'> <?= @$message ?> </li> <? } ?> </ul> <? } ?> </td> </tr> </table> </form> </div> </body> </html> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.