code not updating properly

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
naveendk.55
Forum Newbie
Posts: 24
Joined: Tue Aug 16, 2011 10:13 am

code not updating properly

Post by naveendk.55 »

Hi,

I tried changing the password and it is not working. It will display that the password got changed successfully but it will not change it in database. Is there any mistake in below code?

Code: Select all


<?php
            			
			$password=mysql_real_escape_string($_POST['newpassword']);
			$password2=mysql_real_escape_string($_POST['confirmnewpassword']);
            
			 
			if ( strlen($password) < 5 or strlen($password) > 12 ){
			echo "Password must be more than 5 char legth and maximum 12 char lenght<BR>";
			} 
			
			if ( $password <> $password2 ){
			echo "Both passwords are not matching";
			} 
		
			if($password == $password2){
			if(mysql_query("update users set password='$password' where empid='{$_SESSION['login']}'")){
            echo "<font face='Verdana' size='2' ><center>Thanks <br> Your password changed successfully. Please keep changing your password every 2 months for better security</center></font>";
}
			else{
			echo mysql_error();
}  	
			
			} 		

User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: code not updating properly

Post by Celauran »

At a glance, the query looks OK. Have you tried echoing the query? If $_SESSION['login'] doesn't contain a value (did you remember session_start()?) then you'll run into problems.

Also, it looks like you're storing passwords in plain text in your database. Don't do this.
naveendk.55
Forum Newbie
Posts: 24
Joined: Tue Aug 16, 2011 10:13 am

Re: code not updating properly

Post by naveendk.55 »

You're absolutely right. The session is only outputing a single numeric digit.

Yes, session is started at the start of the page. Below is the code that first starts holding the session. Could you please check if I'm making any error while creating a session? All my user ids are 10 digit numeric code. When I tried echoing the session it only showed one digit and not the ten digit code.

Code: Select all

<?php session_start(); ?>
<?php include_once("includes/connections.php"); ?> 
<?php include_once("functions/funphp.php"); ?>
<?php

if (isset($_POST['password']) && isset($_POST['login'])) // if the password is set then the  form has been submitted on login.php page
{

 $login =  mysql_real_escape_string($_POST['login']);
 $password = mysql_real_escape_string($_POST['password']);
 $qstr = "SELECT * from users where empid='$login' and password ='$password'";

 $result = mysql_query($qstr);
 $_SESSION['login']=$login['login'];
 $_SESSION['username'] = $username['username'];
 if (mysql_num_rows($result)==1)  
  {

     redirect("home.php");
 }
 else
 {
     echo "<font color=#000000><b>Invalid User Name or Password. <a href=index.php> Click here</a> to go back to the login screen </a></Center></font>";
	 
}
 mysql_close();
}
?>



User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: code not updating properly

Post by Celauran »

Code: Select all

$_SESSION['login']=$login['login'];
$_SESSION['username'] = $username['username'];
This doesn't look right. I don't see $username defined anywhere and $login is a string, not an array, so you should use

Code: Select all

$_SESSION['login'] = $login;
Post Reply