Wont write to database or display error message

PHP
1

i’ve got a couple of problems:

im having problems writing or should i say updating a coloumn in my database and showing an error message. when a user wants to change his or her password they go through the process of entering in their email user name and password twice. if username and email exist together in the db and the two textboexes match enter in the new password. for some reason my code wont write to the database. and if the textboxes dont match it will still say sucsesfully updated.

here is the code for that problem:

<?php

$n=$_POST['uname'];
$e=$_POST['email'];
$p1 = $_POST['pass1'];
$p2 = $_POST['pass2'];
$referrer = $_SERVER['REFERRER'];

//if form submitted
if($_SERVER['REQUEST_METHOD'] == "POST"){

	//check to see if passwords match
	if($p1 == $p2){

		//db config stuff
		include('config.php');

		//check to see if username and email exists
		$user_exists = mysql_num_rows(mysql_query("SELECT * FROM `user` WHERE `uname` = '$n' AND `email` = '$e'"));
		
		if($user_exists == 1){ //if there is one username and email pair
		
			//update the password

			$update_pass = mysql_query("UPDATE `user` SET `pw` = md5('$p2') WHERE `uname` = '$n' AND `email` = '$e'");
			
			echo "Successfully Updated";

		} else { //cannot find 1 username and email pair	

				echo 'Username and Email Pair does not exist. Go back and try again <a href="'.$referrer.'">here</a>';

			   }

	} else { //passwords do not match

			echo "Passwords Do Not Match";

			echo 'Username and Email Pair does not exist. Go back and try again <a href="'.$referrer.'">here</a>';

		}
}
?>
<form action="" method="post">
<input type="text" name="uname" id="uname" size="30">
<input type="text" name="email" id="email" size="30">
<input type="password" name="pass_1" />
<input type="password" name="pass_2" />
<input type="hidden" name="submitted" value ="yes" />
<input type="submit" name="submit" value="Change Password" />
</form>

any ideas why the error wont be dispalyed let alone not writing to the database.

i got a feeling if i write to the database in md5 format i might not be able to log back in again using the new password. ill attach my login page just to see if you notice what i am thinking

thanks in advance

2

check the names in the password textboxes in the form and the key in the password $_POST

3

Thanks for pointing that out I just seen in the form I call it pass_1 and at the top I use pass1. Hopefully I will be able to fix that problem tomorrow as it is getting late to try. I will let you know in the morning. Thanks

4

this is the echo i get:

UPDATE `user` SET `pw` = md5('') WHERE `uname` = 'the' AND `email` = 'the'

so nothing is actually getting written in the password. and i have no idea why.

yer i have its in the config.php file

5

try changing

 
$update_pass = mysql_query("UPDATE `user` SET `pw` = md5('$p2') WHERE `uname` = '$n' AND `email` = '$e'");

to

 
$query = "UPDATE `user` SET `pw` = md5('$p2') WHERE `uname` = '$n' AND `email` = '$e'";
 
echo $query; die();
 
$update_pass = mysql_query($query);

This will confirm if $user_exists == 1 and display the actual evaluated query about to be run.

Also, I assume you have confirmed you have an actual connetction to the database established when you run the update query.