giannis Posted September 28, 2010 Share Posted September 28, 2010 Hello, I've got the following code, who doesn't change the password on the database: <?php include "connect.php"; session_start(); session_register("session"); $new_password = $_POST['new_password']; $new_password_again = $_POST['new_password_again']; if(!isset($session['connection_status'])) { echo "<center><font face='Verdana' size='2' color=red>Sorry, Please login and use this page </font></center>"; exit;} ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Change Password</title> <script type="text/javascript" src="js/jquery.min.js"></script> <script type="text/javascript" src="js/jquery.ketchup.js"></script> <script type="text/javascript" src="js/jquery.ketchup.messages.js"></script> <script type="text/javascript" src="js/jquery.ketchup.validations.basic.js"></script> <script language="javascript" type="text/javascript" src="niceforms.js"></script> <link rel="stylesheet" type="text/css" media="all" href="niceforms-default.css" /> <link rel="stylesheet" type="text/css" media="screen" href="css/jquery.ketchup.css" /> </head> <body> <div id="container"> <fieldset> <legend>Change Password</legend> <p>Please enter your new password below</p> <form method="post" action="change_password.php" name="changepassword" id="changepassword"class="niceform" > <dl> <dt><label for="new_password">New Password:</label><br /></dt> <dd><input type="password" name="new_password" id="new_password" class= "validate(required, rangelength(4,30))" /></dd> </dl> <dl> <dt><label for="new_password_again">Password (again):</label><br /></dt> <dd><input type="password" name="new_password_again" id="new_password_again" class= "validate(required, match(#new_password))" /></dd> </dl> <dl> <dt> <dd><input type="submit" name="change_password" id="change_password" value="Change Password" /> <input type="reset" name="reset" id="reset" value="Reset" /></dd> </dt> </dl> </form> </fieldset> </div> <?php if (empty($_POST['new_password']) && empty($_POST['new_password_again'])) { ?> <div id="container"> <form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>" name="loginform" id="loginform" class="niceform" > <fieldset> <legend>Error</legend> <p>Please go back and complete all the fields in the form</p> <p>Click <a href="index.php">here</a> to try again.</p> </fieldset> </form> </div> <?php } else { $db_new_password=md5(mysql_real_escape_string($new_password)); $status = "OK"; $msg=""; if ( strlen($new_password) < 3 or strlen($new_password) > 10 ) { $msg=$msg."Password must be more than 3 characters in length and maximum 10 characters in length<BR>"; $status= "NOTOK"; } if (strcmp( $new_password,$new_password_again ) !=0) { $msg=$msg."Both passwords do not match<BR>"; $status= "NOTOK"; } if($status<>"OK") { echo "<font face='Verdana' size='2' color=red>$msg</font><br><center><input type='button' value='Retry' onClick='history.go(-1)'></center>"; } else { if(mysql_query("update users set password='$db_new_password' where userid='$session[userid]'")) { echo "<font face='Verdana' size='2' ><center>Thanks <br> Your password changed successfully. Please keep changing your password for better security</font></center>". $new_password ; } } } ?> <script type = "text/javascript"> $(document).ready(function() { $('#changepassword').ketchup(); }); </script> </body> </html> Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted September 28, 2010 Share Posted September 28, 2010 Then what does happen? Any errors, or just nothing at all? Quote Link to comment Share on other sites More sharing options...
giannis Posted September 30, 2010 Author Share Posted September 30, 2010 I've done a few changes, the php runs but doesn't save in database the new password, it still remains the old one even though the returning message says that it was change. Any ideas? <?php include "connect.php"; $user=$_SESSION['userid']; session_start(); session_register("session"); if(!isset($_SESSION['connection_status'])) { echo "<center><font face='Verdana' size='2' color=red>Sorry, Please login and use this page </font></center>"; exit; } $empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back"; $password1 = $_POST['password1']; $password2 = $_POST['password2']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Change password</title> <script type="text/javascript" src="js/jquery.min.js"></script> <script type="text/javascript" src="js/jquery.ketchup.js"></script> <script type="text/javascript" src="js/jquery.ketchup.messages.js"></script> <script type="text/javascript" src="js/jquery.ketchup.validations.basic.js"></script> <script language="javascript" type="text/javascript" src="niceforms.js"></script> <link rel="stylesheet" type="text/css" media="all" href="niceforms-default.css" /> <link rel="stylesheet" type="text/css" media="screen" href="css/jquery.ketchup.css" /> </head> <body> <?php if (!isset($_POST['password1'])) { ?> <h2> Change password! <? echo $_SESSION['email']; ?> </h2> <form method="post" action="index.php; ?>" > <p class="style3" > <label for="password1"> New password:</label> <input type="password" title="Please enter a password" name="password1" size="30" class= "validate(rangelength(4,30))"></p> <p class="style3"> <label for="password2"> Re-enter Password:</label> <input type="password" title="Please re-enter password" name="password2" size="30" class= "validate(rangelength(4,30))"></p> <p style="stext-align:left"> <label for="submit">   </label> <input type="submit" name="submit" id="submit" value="Change password" /> </form> <?php } elseif (empty($password1) && empty($password2)) { echo $empty_fields_message; } else { $db_password1=md5(mysql_real_escape_string($_POST['password1'])); /*Setting flags for checking*/ $status = "OK"; $msg=""; if ( strlen($password1) < 4 or strlen($password1) > 10 ) { $msg=$msg."Password must be more than 4 characters in length and maximum 10 characters in length<BR>"; $status= "NOTOK"; } if (strcmp( $password1,$password2 ) !=0) { $msg=$msg."Both passwords do not match<BR>"; $status= "NOTOK"; } if($status<>"OK") { echo "<font face='Verdana' size='2' color=red>$msg</font><br><center><input type='button' value='Retry' onClick='history.go(-1)'></center>"; } else { /* if all validations are passed */ mysql_query("UPDATE users SET password='.$db_password1' WHERE userid='.$user'"); ?> <p>Thanks <br> Your password changed successfully Please keep changing your password for better security</p> <p> Click <a href="index.php">here</a> to logout if you want</p> <?php } } ?> Quote Link to comment Share on other sites More sharing options...
the182guy Posted September 30, 2010 Share Posted September 30, 2010 I suspect this is the problem include "connect.php"; $user=$_SESSION['userid']; session_start(); You're trying to access a $_SESSION variable before the session has been started, which means your $user variable will be null. You're using that variable to do the update later in the script. Move the session_start() to above the line that is accessling the variable. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.