What's wrong with Password code?
Posted: Fri Sep 22, 2006 5:45 pm
Hi all,
I have a problem... something I'm not seeing...
I have a IF statement that checks a form with 4 textboxes (plus others not applying to this) - 2 showing (but not editable) email address and current password... then 2 as optional input - "New Password" and "Confirm New Password". The data comes from a MySQL database...
So... Get current details:
... then load variables or set as NULL:
...and lastly process form:
I get the ELSE IF statement everytime, the 'Please confirm your new password' error message even if the input boxes are blank. I think the flow is logical. I think I've checked everything. What's wrong, please?
It should be - if the input boxes are blank, leave alone and process only rest of form. If the "New Password" box is not NULL then check "Confirm New Password" for 1. is there, and 2. is the same as "New Password". If not then show error message at top of form.
The layout is this form, a table for the user's login details, and a table for the user's other details (which references the login table so user and customer are one. The user cannot change his username or email address as the email address is verified. Just so you have the full picture.
Thank you in advance,
Clinton
I have a problem... something I'm not seeing...
I have a IF statement that checks a form with 4 textboxes (plus others not applying to this) - 2 showing (but not editable) email address and current password... then 2 as optional input - "New Password" and "Confirm New Password". The data comes from a MySQL database...
So... Get current details:
Code: Select all
// Get Membership Details
$query_rstUser = ' SELECT *
FROM mtblusers
WHERE txtUsername = "'.$user.'"';
$rstUser = mysql_query($query_rstUser, $damsel) or die(mysql_error());
while ($arrUser = mysql_fetch_array($rstUser)) {
$idsUser = $arrUser ['idsUser'];
$txtEmailAddress = $arrUser ['txtEmailAddress'];
$txtPassword = $arrUser ['txtPassword'];
}
mysql_free_result($rstUser);Code: Select all
// *Change of Password* Variables
$txtACNewPassword = isset($_REQUEST['txtNewPassword']) ?
cleanValue($_REQUEST['txtNewPassword']) : NULL;
$txtACConfirm = isset($_REQUEST['txtConfirm']) ?
cleanValue($_REQUEST['txtConfirm']) : NULL;Code: Select all
// Set up Form Check Variables
$blnNewPassword = (isset($txtACNewPassword)) ? true : false;
$blnConfirmed = ((isset($txtACConfirm)) && (strcmp($txtACNewPassword, $txtACConfirm))) ? true : false;
if ($blnNewPassword && $blnConfirmed) {
$query_resUpdatePassword = ' UPDATE mtblusers
SET txtPassword = "' .$txtACNewPassword .'"
WHERE txtUsername = "' .$user .'"';
// Add NEW Password Details to Database
$resUpdatePassword = mysql_query($query_resUpdatePassword, $damsel) or die(mysql_error());
$resUpdateCustomer = mysql_query($query_resUpdateCustomer, $damsel) or die(mysql_error());
$URI = 'members.php';
header("Location: $URI"); // Go to members area.
exit;
} else if (!strcmp($txtACNewPassword, $txtACConfirm)) {
// New Password Not Confirmed
$message = 'Please confirm your new password';
} else {
// Just process rest of form
$resUpdateCustomer = mysql_query($query_resUpdateCustomer, $damsel) or die(mysql_error());
$URI = 'members.php';
header("Location: $URI"); // Go to members area.
exit;
}It should be - if the input boxes are blank, leave alone and process only rest of form. If the "New Password" box is not NULL then check "Confirm New Password" for 1. is there, and 2. is the same as "New Password". If not then show error message at top of form.
The layout is this form, a table for the user's login details, and a table for the user's other details (which references the login table so user and customer are one. The user cannot change his username or email address as the email address is verified. Just so you have the full picture.
Thank you in advance,
Clinton