ifis Posted December 7, 2007 Share Posted December 7, 2007 I am trying to create a form to update a password. I want people to enter the password twice, so it can be compared as the same before being updated, or if not the same, have the person re-enter the password. <form id='form1' name='form1' method='post' action='updatepassword.php' onsubmit='return validateForm(this)'> <table width='500' border='0' cellspacing='0' cellpadding='0'> <tr> <td>Enter new Password:</td> <td><label> <input name='Password1' type='password' id='password1' maxlength='20' /> </label></td> </tr> <tr> <td>Re-enter Password:</td> <td><input name='Password2' type='password' id='password2' maxlength='20' /></td> </tr> <tr> <td></td> <td><label> <input type='submit' name='Submit' id='Submit' value='Submit' /> </label></td> </tr> </table>"; php <?PHP // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //clean data function clean_data($string) { if (get_magic_quotes_gpc()) { $string=stripslashes($string); } return mysql_real_escape_string($string); } //password from form $password1=clean_data($_POST['password1']); $password2=clean_data($_POST['password2']); //check isfpasssword 1 and 2 are the same if (password1 == password2){ //update database mysql_query("UPDATE Member SET password='$password1' WHERE loginName='{$_SESSION['myusername']}'"); echo "Your password has been updated. It will be necessary to use it next time you login."; } else { echo "Both passwords do not match. Please re-enter password"; ?> Thanks Link to comment https://forums.phpfreaks.com/topic/80673-solved-variable-validation-not-working-with-if-else-statement/ Share on other sites More sharing options...
cunoodle2 Posted December 7, 2007 Share Posted December 7, 2007 I'm guessing that it probably has to do with the fact that on your original form you have a capital letter in the variable name.. <input name='Password1' type='password' id='password1' maxlength='20' /> Change the variable names to all lower case "password1" vs. "Password1" Also... While not as important you should Null set your variables to prevent someone from "doing something bad"... $password1 = isSet($_POST['password1']) ? clean_data($_POST['password1']) : NULL; Link to comment https://forums.phpfreaks.com/topic/80673-solved-variable-validation-not-working-with-if-else-statement/#findComment-409148 Share on other sites More sharing options...
ifis Posted December 7, 2007 Author Share Posted December 7, 2007 oops. that worked, it always seems like the simple things. Also, thanks much for the coding to increase the security! Link to comment https://forums.phpfreaks.com/topic/80673-solved-variable-validation-not-working-with-if-else-statement/#findComment-409159 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.