redarrow Posted December 29, 2007 Share Posted December 29, 2007 Hi there i have rewritten this code in all php's statements and function's as possable even using a catch to catch true or false the else dosent work any idears please cheers. I have tried ..... matching the varables no luck matching with mysql_num_rows no luck matching a condition via varables no luck used the form with hidden varable no luck used sessions no luck my elese wont work why!!!!!!!!! <?php // //CREATE TABLE `database_test`.`pass` ( //`id` SMALLINT( 5 ) UNSIGNED ZEROFILL NOT NULL AUTO_INCREMENT PRIMARY KEY , //`username` VARCHAR( 25 ) NOT NULL , //`password` VARCHAR( 35 ) NOT NULL , //`email` VARCHAR( 50 ) NOT NULL //`privert_word` VARCHAR( 50 ) NOT NULL //) ENGINE = InnoDB // $db=mysql_connect("xxx","xxx","xxx"); $db_result=mysql_select_db("database_test",$db); if($_POST['submit']){ $true=$_POST['true']; $new_pass=rand(0,123456); $pass=$new_pass; $new_pass=(md5($_POST['new_pass'])); $privert_word=$_POST['privert_word']; $username=$_POST['username']; $email=$_POST['email']; if( empty($username) || empty($email) ){ echo"<center> <font color='red'>Please fill in all the form!</font></center>"; } $sql="SELECT * from pass where username='$username' AND email='$email' and privert_word='$privert_word' and id='00001'"; $sql_result=mysql_query($sql)or die(mysql_error()); while($x=mysql_fetch_assoc($sql_result)){ if(($x['username'] || $x['email'])==1){ $true="TRUE"; }else{ $true="FALSE"; } if($true=="TRUE"){ $new_pass=mysql_real_escape_string($new_pass); $sql2="UPDATE pass set password='$new_pass' WHERE username='$username' AND email='$email' and privert_word='$privert_word' and id='00001'"; $result2=mysql_query($sql2) or die(mysql_error()); echo "<br><br> Your new ".$x['username']." password <br><br><br><br>Username: ".$x['username']." <br><br>Password: $pass <br><br>Please try to remember your new password cheers! <br><br>or change your password in your members area to a easy remembered password"; }elseif($true=="FALSE"){ echo "Sorry we have no record of your username: $username or email: $email <br><br>please join our website <br><br> <a href='join.php'>join now!<a>"; } } } ?> <center> <form method="POST" action="password_recovery.php"> <h1>Password recovery</h1> <br> Please provide username: <br><br> <input type="text" name="username"> <br><br> Please provide email address: <br><br> <input type="text" name="email"> <br><br> Please tell us your privert saying: <br><br> <input type="text" name="privert_word"> <br><br> <input name="submit" type="submit" value="Send"> </form> </center> Quote Link to comment Share on other sites More sharing options...
redarrow Posted December 29, 2007 Author Share Posted December 29, 2007 here another way still no luck.... <?php // //CREATE TABLE `database_test`.`pass` ( //`id` SMALLINT( 5 ) UNSIGNED ZEROFILL NOT NULL AUTO_INCREMENT PRIMARY KEY , //`username` VARCHAR( 25 ) NOT NULL , //`password` VARCHAR( 35 ) NOT NULL , //`email` VARCHAR( 50 ) NOT NULL //`privert_word` VARCHAR( 50 ) NOT NULL //) ENGINE = InnoDB // $db=mysql_connect("xxx","xxx","xxx"); $db_result=mysql_select_db("database_test",$db); if(isset($_POST['submit'])){ $new_pass=rand(0,123456); $pass=$new_pass; $new_pass=(md5($_POST['new_pass'])); $privert_word=$_POST['privert_word']; $username=$_POST['username']; $email=$_POST['email']; $id=$_POST['id']; $sql="SELECT * from pass where username='$username' AND email='$email' and privert_word='$privert_word' and id='00001'"; $sql_result=mysql_query($sql)or die(mysql_error()); while($x=mysql_fetch_assoc($sql_result)){ if( (mysql_num_rows($sql_result)==1)){ $new_pass=mysql_real_escape_string($new_pass); $sql2="UPDATE pass set password='$new_pass' WHERE username='$username' AND email='$email' and privert_word='$privert_word' and id='00001'"; $result2=mysql_query($sql2) or die(mysql_error()); echo "<br><br> Your new ".$x['username']." password <br><br><br><br>Username: ".$x['username']." <br><br>Password: $pass <br><br>Please try to remember your new password cheers! <br><br>or change your password in your members area to a easy remembered password"; exit; }else{ echo "Sorry we have no record of your username: $username or email: $email <br><br>please join our website <br><br> <a href='join.php'>join now!<a>"; exit; } } } ?> <center> <form method="POST" action="password_recovery.php"> <h1>Password recovery</h1> <br> Please provide username: <br><br> <input type="text" name="username"> <br><br> Please provide email address: <br><br> <input type="text" name="email"> <br><br> Please tell us your privert saying: <br><br> <input type="text" name="privert_word"> <br><br> <input name="submit" type="submit" value="Send"> </form> </center> Quote Link to comment Share on other sites More sharing options...
redarrow Posted December 29, 2007 Author Share Posted December 29, 2007 tried it this way aswell still no elese working <?php // //CREATE TABLE `database_test`.`pass` ( //`id` SMALLINT( 5 ) UNSIGNED ZEROFILL NOT NULL AUTO_INCREMENT PRIMARY KEY , //`username` VARCHAR( 25 ) NOT NULL , //`password` VARCHAR( 35 ) NOT NULL , //`email` VARCHAR( 50 ) NOT NULL //`privert_word` VARCHAR( 50 ) NOT NULL //) ENGINE = InnoDB // $db=mysql_connect("xxx","xxx","xxx"); $db_result=mysql_select_db("database_test",$db); if(isset($_POST['submit'])){ $new_pass=rand(0,123456); $pass=$new_pass; $new_pass=(md5($_POST['new_pass'])); $sql="SELECT * from `pass` where `username`='".$_POST['username']."' AND `email`='".$_POST['email']."' AND `privert_word`='".$_POST['privert_word']."' AND `id`='00001'"; $sql_result=mysql_query($sql)or die(mysql_error()); while($x=mysql_fetch_assoc($sql_result)){ if( (mysql_num_rows($sql_result)==1)){ $new_pass=mysql_real_escape_string($new_pass); $sql2="UPDATE `pass` set `password`='".$_POST['new_pass']."' WHERE `username`='".$_POST['username']."' AND `email`='".$_POST['email']."' AND `privert_word`='".$_POST['privert_word']."' AND `id`='00001'"; $result2=mysql_query($sql2) or die(mysql_error()); echo "<br><br> Your new ".$x['username']." password <br><br><br><br>Username: ".$x['username']." <br><br>Password: $pass <br><br>Please try to remember your new password cheers! <br><br>or change your password in your members area to a easy remembered password"; exit; }else{ echo "Sorry we have no record of your username: $username or email: $email <br><br>please join our website <br><br> <a href='join.php'>join now!<a>"; exit; } } } ?> <center> <form method="POST" action="password_recovery.php"> <h1>Password recovery</h1> <br> Please provide username: <br><br> <input type="text" name="username"> <br><br> Please provide email address: <br><br> <input type="text" name="email"> <br><br> Please tell us your privert saying: <br><br> <input type="text" name="privert_word"> <br><br> <input name="submit" type="submit" value="Send"> </form> </center> Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted December 29, 2007 Share Posted December 29, 2007 Please post the form that this script is processing. Ken Quote Link to comment Share on other sites More sharing options...
redarrow Posted December 29, 2007 Author Share Posted December 29, 2007 posting as one page cheers.....(no elese working mate) <center> <form method="POST" action="password_recovery.php"> <h1>Password recovery</h1> <br> Please provide username: <br><br> <input type="text" name="username"> <br><br> Please provide email address: <br><br> <input type="text" name="email"> <br><br> Please tell us your privert saying: <br><br> <input type="text" name="privert_word"> <br><br> <input name="submit" type="submit" value="Send"> </form> </center> Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted December 29, 2007 Share Posted December 29, 2007 You have the check for the number of records returned and the fetch of the record reverse. The check for the number should come first. Also, since you're only expecting one record to be returned, you don't need the while statement. Try: <?php // //CREATE TABLE `database_test`.`pass` ( //`id` SMALLINT( 5 ) UNSIGNED ZEROFILL NOT NULL AUTO_INCREMENT PRIMARY KEY , //`username` VARCHAR( 25 ) NOT NULL , //`password` VARCHAR( 35 ) NOT NULL , //`email` VARCHAR( 50 ) NOT NULL //`privert_word` VARCHAR( 50 ) NOT NULL //) ENGINE = InnoDB // $db=mysql_connect("xxx","xxx","xxx"); $db_result=mysql_select_db("database_test",$db); if(isset($_POST['submit'])){ $new_pass=rand(0,123456); $pass=$new_pass; $new_pass=(md5($_POST['new_pass'])); $sql="SELECT * from `pass` where `username`='".$_POST['username']."' AND `email`='".$_POST['email']."' AND `privert_word`='".$_POST['privert_word']."' AND `id`='00001'"; $sql_result=mysql_query($sql)or die(mysql_error()); if( (mysql_num_rows($sql_result)==1)){ $x=mysql_fetch_assoc($sql_result)) $new_pass=mysql_real_escape_string($new_pass); $sql2="UPDATE `pass` set `password`='".$_POST['new_pass']."' WHERE `username`='".$_POST['username']."' AND `email`='".$_POST['email']."' AND `privert_word`='".$_POST['privert_word']."' AND `id`='00001'"; $result2=mysql_query($sql2) or die(mysql_error()); echo "<br><br> Your new ".$x['username']." password <br><br><br><br>Username: ".$x['username']." <br><br>Password: $pass <br><br>Please try to remember your new password cheers! <br><br>or change your password in your members area to a easy remembered password"; exit; }else{ echo "Sorry we have no record of your username: $username or email: $email <br><br>please join our website <br><br> <a href='join.php'>join now!<a>"; exit; } } ?> BTW, I fixed your indentation and removed the extraneous blank lines. Ken Quote Link to comment Share on other sites More sharing options...
redarrow Posted December 29, 2007 Author Share Posted December 29, 2007 ken your so skilled... still dont see what i done wrong thank you...... solved............. Quote Link to comment Share on other sites More sharing options...
redarrow Posted December 29, 2007 Author Share Posted December 29, 2007 ken via not using the braces to loop throw all the select statement does the code you provided mean it only will show one entry. $x=mysql_fetch_assoc($sql_result); << one entry that correct cheers... Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted December 29, 2007 Share Posted December 29, 2007 I assumed that you're only allowing one username to match all of the selection criteria. If you're allowing more than one matching username, you would have to use the while loop. Ken Quote Link to comment Share on other sites More sharing options...
redarrow Posted December 29, 2007 Author Share Posted December 29, 2007 and this i take it was the wrong way around while($x=mysql_fetch_assoc($sql_result)){ if( (mysql_num_rows($sql_result)==1)){ should be if( (mysql_num_rows($sql_result)==1)){ while($x=mysql_fetch_assoc($sql_result)){ mysql_num_rows should off b first then a while Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted December 29, 2007 Share Posted December 29, 2007 Yes. When you do the "while" first, if there are no records it doesn't enter the loop, so the "if" won't be seen. Ken Quote Link to comment Share on other sites More sharing options...
redarrow Posted December 29, 2007 Author Share Posted December 29, 2007 thank you ken so much dont see that in a book lol.... have a grate happy new year m8...... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.