SitePoint Sponsor

User Tag List

Results 1 to 4 of 4

Hybrid View

  1. #1
    SitePoint Enthusiast nkacharani's Avatar
    Join Date
    Oct 2010
    Posts
    53
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Change user password

    hello everyone...

    I have tried to work this code the whole day I seem to get no where. Can please someone help me see the mistake.

    The code is supposed to be changing the user password. What happen is ; I get these messages You entered an incorrect password. Try Again Congratulations! You have successfully changed your password. Continue

    And if I check in the database the password field is being erased!...please help....
    the form:
    HTML Code:
    <form id="update"  name="update" method="POST"  class="formfield" action="u.php" >
           <div> 
    <label class="fixedwidth">Username:</label>
    <input name="username" id="username" type="text" class="fixedwidth"/>
    	</div>
        
       			
    	 
    	 <div >
    <label class="fixedwidth">Old password:</label>
    <input name="oldpassword" id="oldpassword" type="password" class="fixedwidth"/>
    	</div>
     <div >
    <label class="fixedwidth">New Password:</label>
    <input name="password" id="password" type="password" class="fixedwidth" />
    	</div>
    <div>
    <label class="fixedwidth">Confirm New Password:</label>
    <input name="password1" id="password1" type="password" class="fixedwidth"  />
    	</div>	
    	
    	<div class="buttonarea">
    	  <div align="center">
    	    <input name="update" id="update" type="submit" value="Change Password" />
    	    <label>
    	    <input type="reset" name="cancel" id="cancel" value="Cancel"  onclick="location.href='Admin_index.php'"/>
    	    </label>
    	  </div>
    	</div>
        
    		
    		</form>
    the php file
    PHP Code:
    <?php 

    session_start
    ();

    //connect to the database
    $conn dbConnect('Admin_username');

    $username $_POST['username'];
    $oldpassword $_POST['oldpassword'];
    $password $_POST['password'];
    $confirmnewpassword $_POST['password1'];
    $pswd sha1(md5($password));
    $result mysql_query("SELECT password FROM users WHERE username='$username'");
    if(!
    $result

    echo 
    "The username you entered does not exist. <a href=use.php>Try Again</a>"

    else 
    if(
    $password!= mysql_result($result0)) 

    echo 
    "You entered an incorrect password. <a href=use.php>Try Again</a> "

    else
    if(
    $password==$confirmnewpassword
            
    $pass sha1(md5($password));
        
    $sql=mysql_query("UPDATE users SET password='$pass' where username='$username'"); 
        if(
    $sql
        { 
        echo 
    "Congratulations! You have successfully changed your password. <a href=Admin_index.php>Continue</a>"
        }
    else

    echo 
    "The new password and confirm new password fields must be the same. <a href=use.php>Try Again</a> "
    }  
    ?>

  2. #2
    SitePoint Wizard bronze trophy Immerse's Avatar
    Join Date
    Mar 2006
    Location
    Netherlands
    Posts
    1,661
    Mentioned
    7 Post(s)
    Tagged
    1 Thread(s)
    SHouldn't you compare the old password? Not the new one?

    PHP Code:
    if($password!= mysql_result($result0))  
    {  
    echo 
    "You entered an incorrect password. <a href=use.php>Try Again</a> ";  

    Should be:

    PHP Code:
    if($oldpassword!= mysql_result($result0))  
    {  
    echo 
    "You entered an incorrect password. <a href=use.php>Try Again</a> ";  


  3. #3
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,748
    Mentioned
    72 Post(s)
    Tagged
    0 Thread(s)
    also, elseif is a valid expression in PHP. readability ++.

    The reason you're seeing multiple messages is because you havent wrapped this section in curly braces:
    PHP Code:
    if($password==$confirmnewpassword//No Curly Brace here?
            
    $pass sha1(md5($password)); //If only refers to this line.
        
    $sql=mysql_query("UPDATE users SET password='$pass' where username='$username'");  //This line will always be executed in the current context.
        
    if($sql
        { 
        echo 
    "Congratulations! You have successfully changed your password. <a href=Admin_index.php>Continue</a>"
        } 
    If you want an if clause to contain more than one command, you -must- wrap it.
    Never grow up. The instant you do, you lose all ability to imagine great things, for fear of reality crashing in.

  4. #4
    SitePoint Enthusiast nkacharani's Avatar
    Join Date
    Oct 2010
    Posts
    53
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for reply Immerse and StaLion;

    I have re-write the code but it seem to be working only when the username and the oldpassword are the same.

    If one enters a wrong username with correct password; I get these errors
    Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 3 in C:\wamp\www\change_passeord.php on line 24
    You entered an incorrect password. Try Again The new password and confirm new password fields must be the same. Try Again


    correct username wrong password I get:
    You entered an incorrect password. Try Again The new password and confirm new password fields must be the same. Try Again


    Any more help please!


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •