Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 8 of 8
  1. #1
    Regular Coder
    Join Date
    Aug 2011
    Posts
    101
    Thanks
    7
    Thanked 0 Times in 0 Posts

    Question change password code

    Hi,

    I'm trying to change the password after logging in to web site. Following is the code that change the password. However, the password is not changing in the table. Please let me know if I'm making any error in below code.

    Thanks.



    PHP Code:

    <?php
                            
                $password
    =mysql_real_escape_string($_POST['newpassword']);
                
    $password2=mysql_real_escape_string($_POST['confirmnewpassword']);
                
                 
                if ( 
    strlen($password) < or strlen($password) > 12 ){
                echo 
    "Password must be more than 5 char legth and maximum 12 char lenght<BR>";
                } 
                
                if ( 
    $password <> $password2 ){
                echo 
    "Both passwords are not matching";
                } 
            
                if(
    $password == $password2){
                            if(
    mysql_query("update users set password='$password' where empid='$_SESSION[login]'")){
                echo 
    "<font face='Verdana' size='2' ><center>Thanks <br> Your password changed successfully. Please keep changing your password every 2 monthsfor better security</font></center>";
                }
                }

  • #2
    New Coder
    Join Date
    May 2009
    Location
    Birmingham, England
    Posts
    58
    Thanks
    5
    Thanked 5 Times in 5 Posts
    Try putting an else after your query:

    PHP Code:
    if(mysql_query("update users set password='$password' where empid='$_SESSION[login]'")){
                echo 
    "<font face='Verdana' size='2' ><center>Thanks <br> Your password changed successfully. Please keep changing your password every 2 monthsfor better security</center></font>";
    }
    else{
       echo 
    mysql_error();

    You also need to change your ifs to else if otherwise even if your password is shorther than 5 or longer than 12, as long as $password and $password2 match the query will take place.

    Mark

  • #3
    Regular Coder
    Join Date
    Aug 2011
    Posts
    101
    Thanks
    7
    Thanked 0 Times in 0 Posts

    Question

    I tried that and the password is not getting changed in database.

    However, I got the message that I Put in code.


    "Thanks
    Your password changed successfully. Please keep changing your password every 2 monthsfor better security".

  • #4
    Regular Coder
    Join Date
    Aug 2011
    Posts
    101
    Thanks
    7
    Thanked 0 Times in 0 Posts

    Question

    any other options to change the password. If any one have their own simple change password code, then post it here..plz.

  • #5
    New Coder
    Join Date
    Feb 2006
    Location
    Texas
    Posts
    80
    Thanks
    1
    Thanked 8 Times in 8 Posts
    i think your $_SESSION variable is wrong

    $_SESSION[login] should have quotes around 'login'

    PHP Code:
    "update users set password='$password' where empid='{$_SESSION['login']}'" 
    Last edited by Truffle; 11-17-2011 at 05:22 PM.

  • #6
    Regular Coder
    Join Date
    Aug 2011
    Posts
    101
    Thanks
    7
    Thanked 0 Times in 0 Posts
    I tried that also but not working.

  • #7
    Regular Coder
    Join Date
    Aug 2011
    Posts
    101
    Thanks
    7
    Thanked 0 Times in 0 Posts

    Question

    When I echo the session variable, it only printed one digit. My user id is a 10 digit code.

    Any one confirm if I'm making any error while creating the session.. Thank you.

    PHP Code:

    <?php session_start(); ?>
    <?php 
    include_once("includes/connections.php"); ?> 
    <?php include_once("functions/funphp.php"); ?>
    <?php

    if (isset($_POST['password']) && isset($_POST['login'])) // if the password is set then the  form has been submitted on login.php page
    {

     
    $login =  mysql_real_escape_string($_POST['login']);
     
    $password mysql_real_escape_string($_POST['password']);
     
    $qstr "SELECT * from users where empid='$login' and password ='$password'";

     
    $result mysql_query($qstr);
    [
    B$_SESSION['login']=$login['login'];[/B]
     
    $_SESSION['username'] = $username['username'];
     if (
    mysql_num_rows($result)==1)  
      {

         
    redirect("home.php");
     }
     else
     {
         echo 
    "<font color=#000000><b>Invalid User Name or Password. <a href=index.php> Click here</a> to go back to the login screen </a></Center></font>";
         
    }
     
    mysql_close();
    }
    ?>

  • #8
    New Coder
    Join Date
    Feb 2006
    Location
    Texas
    Posts
    80
    Thanks
    1
    Thanked 8 Times in 8 Posts
    PHP Code:
    $_SESSION['login']=$login['login']; 
    This is wrong because $login is not an array. It should simply just be holding a string value that was in $_POST['login']. So it should be like this

    PHP Code:
    $_SESSION['login'] = $login
    Although ideally you should just forget about $login altogether and set $_SESSION['login'] like this
    PHP Code:
    $_SESSION['login'] = mysql_real_escape_string($_POST['login']); 
    Last edited by Truffle; 11-18-2011 at 03:04 PM.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •