PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
hello devnet, as I told you Ive had to make some new changes to my database and I was trying to use a bit of old coding for a new project...this time im attempting to allow the user to change his password...however for some reason my code is returning a false value and im not quite sure why...can anyone assist me on this?
i have changed my entire code around...and EVERYTHING works until it gets to the UPDATE...its like something is blocking the code from changing the password...i have no clue as to what could be causing it not to allow updating..what am I missing?
user_id varchar(8) latin1_swedish_ci No None
user_pass char(255) latin1_swedish_ci No None
user_mail varchar(55) latin1_swedish_ci No None
fusername text latin1_swedish_ci No None
user_ext int(4) No None
createDate date No None
<?php
session_start();
error_reporting(E_ALL);
ini_set('display_errors', 1);
function doDB()
{
$conn = mysql_connect("localhost","root","") or die(mysql_error());
mysql_select_db("helpdata",$conn) or die(mysql_error());
return $conn;
}
$user = $_SESSION['logname'];
if ($user)
{
//user is logged in
//echo"$user ";
if ($_POST['submit'])
{
//echo"test ";
//check fields
$oldpassword = md5($_POST['oldpassword']);
$newpassword = md5($_POST['newpassword']);
$repeatnewpassword = md5($_POST['repeatnewpassword']);
//echo "<br>$oldpassword<br>$newpassword<br>$repeatnewpassword";
//check password against db
//connect to db
$conn = doDB();
$queryget = mysql_query("SELECT user_pass FROM users WHERE user_id='$user'") or die("Query is broken");
$row = mysql_fetch_assoc($queryget);
$oldpassworddb = $row['user_pass'];
//check passwords
if($oldpassword==$oldpassworddb)
{
//check 2 new passwords
if ($newpassword==$repeatnewpassword)
{
//success
//change password in database
//echo "<br>success";
//this is where its broken? but why
$querychange=mysql_query("UPDATE users SET password='$newpassword' WHERE user_id='$user'");
session_destroy();
die("Your password has been changed.<a href='index.php'>Return</a>to the login");
}
else
die("New passwords do not match...please try again");
}
else
die("old password doesent match");
}
else
{
echo"
<form action='password_update2.php' method='POST'>
Old password:<input type='text' name='oldpassword'><p>
New password:<input type='password' name='newpassword'><br>
Repeat new password:<input type='password' name='repeatnewpassword'><br>
<input type ='submit' name='submit' value='Change Password'>
";
}
}
else
die("you must be logged in to change your password")
?>