Everything is working fine, except the password part.
On one of the else statements, it says "Old passwords do not match".
That is the message i get when I try changing the password. It could be an MD5 error
MySQL version: 5.0.19
I'm not getting any mysql errors
Here's the code:
Code: Select all
<?php
session_start();
include('inc/connect.php');
$username = $_SESSION['username'];
if ($username)
{
//if user is logged in
$sql = mysql_query("SELECT * FROM `users` WHERE `username`='".$username."'");
$row = mysql_fetch_assoc($sql);
$fname = $row['fname'];
$lname = $row['lname'];
$email = $row['email'];
$edit = ($_POST['edit']);
// Edit variables
$fnamenew = ucfirst(strip_tags($_POST['fname']));
$lnamenew = ucfirst(strip_tags($_POST['lname']));
$emailnew = strip_tags($_POST['email']);
$password = strip_tags(md5($_POST['password']));
$passwordnew = strip_tags(md5($_POST['passwordnew']));
$passwordconf = strip_tags(md5($_POST['passwordconf']));
if($edit){
// check password against database
$oldpassworddb = $row['password'];
// check passwords
if($password==$oldpassworddb)
{
//check two new passwords
if($passwordnew==$passwordconf)
{
// success
// change password in database
$edit = "UPDATE users SET `fname`='$fnamenew', `lname`='$lnamenew', `email`='$emailnew', `password`='$passwordnew' WHERE username='$username'";
mysql_query($edit);
$fname = ucfirst(strip_tags($_POST['fname']));
$lname = ucfirst(strip_tags($_POST['lname']));
$email = strip_tags($_POST['email']);
$submitted = "Changes Submitted";
}
else
die("New Passwords Don't Match!");
}
else
die("Old Password doesn't match!");
}
}
else
header("Location: index.php");
?>
<html>
<head>
<title>Profile</title>
</head>
<body>
<form action="profile.php" method="POST">
Username: <input type="text" value="<?php echo $username; ?>" readonly="readonly"><br />
First Name: <input type="text" maxlength="25" name="fname" value="<?php echo $fname; ?>"><br />
Last Name: <input type="text" maxlength="25" name="lname" value="<?php echo $lname; ?>"><br />
Email: <input type="text" maxlength="64" name="email" value="<?php echo $email; ?>"><br />
Password: <input type="password" maxlength="32" name="password"><br />
New Password: <input type="password" maxlength="32" name="passwordnew"><br />
Confirm Password: <input type="password" maxlength="32" name="passwordconf"><br />
<input type="submit" name="edit" value="Submit Changes">
<?php echo $submitted; ?>
</form>
</body>
</html>
[/php]