Page 1 of 1

need help to change password and match old password inserted

Posted: Sat Apr 16, 2011 4:32 am
by liyun88
hi,i need help to solve my problem to change password and match old password inserted with password in database..
display error like this:Parse error: syntax error, unexpected ';' in C:\xampp\htdocs\nagels\save_editProfile.php on line 35
error at here city = "' . mysql_real_escape_string($_REQUEST['city']) . '" WHERE id ='. $id;
can anyone help to check and correct the code??and also help me to check and correct the if and else function in save_editProfile.php..i think perhaps have error in if and else function..
thanks in advance..

editProfile.php

Code: Select all

<?php

 session_start();
require_once 'config.php' ;
require_once 'application.php';

$id = $_SESSION['id'];
 $password = $_SESSION['password'];
 

$query = 'SELECT * FROM register WHERE id = "'. mysql_real_escape_string($id) . '"LIMIT 1';   
    $result = mysql_query($query);
if ($data = mysql_fetch_object($result))
{

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link href="style.css" rel="stylesheet" type="text/css">
<title>::Edit Form::</title>  
<meta name="viewport" content="width=device-width; initial-scale=1.0; maximum-scale=1.0;"/>
</head>
<body>
<table  width="952px" border="0" cellspacing="0" cellpadding="0" valign="top" align="center">
  <tr>
    <td align="center"><?php include "header.php"; ?></td>
  </tr>
  <tr><td><img src="picture/purple_line.jpg" /></td></tr>
  <tr>
    <td><table width="100%" border="0" cellpadding="0" cellspacing="0">
      <tr>
        <td  width="300px" height="600px" valign="top" align="center"> <?php include "menu.php";?>
        </td>
        <td width="12px">&nbsp;</td>
        <td width="630px"background="picture/content1.png" style="background-repeat:no-repeat;" valign="top"><table width="100%" border="0">
          <tr>
            <td><table width="100%" border="0" align="right">
              <tr>
              <td width="28%">&nbsp;</td>
                <td width="38%"><img src="picture/icon_cart.jpg" /></td>
              </tr>
          </table></td>
           <tr>
            <td><p align="center"> <font size="+2"><strong><em><font color="#000000">Edit
    Profile </font></em></strong></font></p>
	</td>
          </tr>
		  <tr><td><form name="editForm" action="save_editProfile.php"  method="post" >
  <input type="hidden" name="id" value="<?php echo $data->id ?>"> <input type="hidden" name="password" value="<?php echo $data->password ?>">
  <div align="left"> 
  <table>
   
      <tr> 
        <td><label for="name">Name<span class="info"><font size="0.2"><font color="#ffffff">4-20 chars</font></font></span></label></td>
        <td><input type="text" name="name" value="<?php echo $data->name ?>"></td>
      </tr>
      <tr> 
        <td><label for="username">Username<span class="info"><font size="0.2"><font color="#ffffff">3-10 chars</font></font></span></label></td>
        <td><input type="text" name="username" value="<?php echo $data->username ?>"></td>
      </tr>
	  
	  <tr> 
        <td><label for="password">Current Password<span class="info"><font size="0.2"><font color="#ffffff">6-12 chars</font></font></span></label></td>
        <td><input type="password" name="password1" value="" /></td> 
		
        </tr>
	  
      <tr> 
        <td><label for="password1">New Password<span class="info"><font size="0.2"><font color="#ffffff">6-12 chars</font></font></span></label></td>
        <td><input type="password" name="password" value="" /></td>
		
        </tr>
     
		<tr> 
        <td><label for="password2">Retype Password<span class="info"><font size="0.2"><font color="#ffffff">6-12 chars</font></font></span></label></td>
        <td><input type="password" name="password2" value="" /></td>
		
        </tr>
	  <tr> 
        <td><label for="phone">Contact No</label></td>
        <td><input type="text" name="phone" value="<?php echo $data->phone ?>"></td>
      </tr>
	  <tr> 
        <td><label for="email">Email</label></td>
       <td><input type="text" name="email" value="<?php echo $data->email ?>"></td>
		</tr>
		<tr> 
        <td><label for="address">Address</label></td>
        <td><input type="text" name="address" value="<?php echo $data->address ?>"></td>
      </tr>
	  
	  <tr> 
        <td><label for="postcode">Postcode</label></td>
        <td><input type="text" name="postcode" value="<?php echo $data->postcode ?>"></td>
      </tr>
	  
	  <tr> 
        <td><label for="city">City</label></td>
        <td><input type="text" name="city" value="<?php echo $data->city ?>"></td>
      </tr>
	  
	  
     
     
     
      

  
  </table>
  <input type="submit" name="submit" value="Edit">
 </div>
   </form> 
      
    

  
 
      
 
    
 </td></tr>
        </table></td>
      </tr>
    </table></td>
  </tr>
  <tr>
    <td>&nbsp;</td>
  </tr>
  <tr>
    <td>&nbsp;</td>
  </tr>
</table>
</body>
</html>

      
	 <?php } ?>	 
save_editProfile.php

Code: Select all

<?php
session_start();
require_once 'config.php' ;
require_once 'application.php' ;

$id = $_SESSION['id'];
 
    if(trim($_POST['password']) &&  ($_POST['password'] == $_POST['password2']) && $_POST['password1']){     
                                $newPassword = mysql_escape_string(md5($_POST['password'])); 
                        $retypePassword = mysql_escape_string(md5($_POST['password2'])); 
                                $oldPassword = (md5(mysql_escape_string($_POST['passowrd1']))); 

 $query = 'SELECT * FROM register WHERE id = "'. mysql_real_escape_string($id) . '"LIMIT 1';   
    $result = mysql_query($query);
	while ($row = mysql_fetch_array($result)) {
	$password= $row['password']; 
	$id= $row['id']; 
	}
 
 if($oldPassword != $password)   {
        echo"<script>alert(\"Your password does not match with old password!\")</script><script>window.location='editProfile.php?id=$id'</script>";
		}
		
 elseif($newPassword != $retypePassword){   
        echo"<script>alert(\"Your password does not match with new password!\")</script><script>window.location='editProfile.php?id=$id'</script>";}
	}	 
	else(
$query1 = 'UPDATE register set name = "' . mysql_real_escape_string($_REQUEST['name']) . '",
username = "' . mysql_real_escape_string($_REQUEST['username']) . '",
password = md5("' . mysql_real_escape_string($_REQUEST["password"]) . '"),
phone = "' . mysql_real_escape_string($_REQUEST['phone']) . '",
email = "' . mysql_real_escape_string($_REQUEST['email']) . '" ,
address = "' . mysql_real_escape_string($_REQUEST['address']) . '",
postcode = "' . mysql_real_escape_string($_REQUEST['postcode']) . '",
city = "' . mysql_real_escape_string($_REQUEST['city']) . '" WHERE id = '.$id;
$result1 = mysql_query($query1);
    echo"<script>alert(\"Updated successfully!\")</script><script>window.location='home.php?id=$id'</script>";
 }
 }
?>

Re: need help to change password and match old password inse

Posted: Sat Apr 16, 2011 9:35 pm
by josh
The curly braces on your if statements are invalid. Learn to format your code and it will be more obvious. To figure this out I copy & pasted it into netbeans & waited for syntax checking to color code the errors. Easy as pie. Turns out you put "(" instead of "{" and had an extra "}", then I right clicked & hit the automatic format function & got the below code!

Try this

Code: Select all


<?php

session_start();
require_once 'config.php';
require_once 'application.php';

$id = $_SESSION['id'];

if (trim($_POST['password']) && ($_POST['password'] == $_POST['password2']) && $_POST['password1'])
{
    $newPassword = mysql_escape_string(md5($_POST['password']));
    $retypePassword = mysql_escape_string(md5($_POST['password2']));
    $oldPassword = (md5(mysql_escape_string($_POST['passowrd1'])));

    $query = 'SELECT * FROM register WHERE id = "' . mysql_real_escape_string($id) . '"LIMIT 1';
    $result = mysql_query($query);
    while ($row = mysql_fetch_array($result))
    {
	$password = $row['password'];
	$id = $row['id'];
    }

    if ($oldPassword != $password)
    {
	echo"<script>alert(\"Your password does not match with old password!\")</script><script>window.location='editProfile.php?id=$id'</script>";
    } elseif ($newPassword != $retypePassword)
    {
	echo"<script>alert(\"Your password does not match with new password!\")</script><script>window.location='editProfile.php?id=$id'</script>";
    }
} else
{
    $query1 = 'UPDATE register set name = "' . mysql_real_escape_string($_REQUEST['name']) . '",
username = "' . mysql_real_escape_string($_REQUEST['username']) . '",
password = md5("' . mysql_real_escape_string($_REQUEST["password"]) . '"),
phone = "' . mysql_real_escape_string($_REQUEST['phone']) . '",
email = "' . mysql_real_escape_string($_REQUEST['email']) . '" ,
address = "' . mysql_real_escape_string($_REQUEST['address']) . '",
postcode = "' . mysql_real_escape_string($_REQUEST['postcode']) . '",
city = "' . mysql_real_escape_string($_REQUEST['city']) . '" WHERE id = ' . $id;
    $result1 = mysql_query($query1);
    echo "<script>alert(\"Updated successfully!\")</script><script>window.location='home.php?id=$id'</script>";
}