interesting.....very interesting....i just tried it...notice that blue reflect values stored in the database
Code: Select all
$conn = doDB();
$sPassword = mysql_real_escape_string($_POST['password']);
$sql = "Select user_name, password FROM customer WHERE user_name= '{$_SESSION['logname']}' AND password = md5('$sPassword')";
$result = mysql_query($sql,$conn) or die(mysql_error());
while ($newArray = mysql_fetch_array($result))
{
$password = $newArray['password'];
$user_name = $newArray['user_name'];
}
echo "first test";
echo "<p style=\"color=blue\">$password</p>";
echo "<p style=\"color=red\">$sPassword</p>";
echo "<p style=\"color=blue\">$user_name</p>";
echo "<p style=\"color=red\">{$_SESSION['logname']}</p>";
$sPassword = mysql_real_escape_string($_POST['password']);
$sql = "Select user_name, password FROM customer WHERE user_name= '{$_SESSION['logname']}'";
$result = mysql_query($sql,$conn) or die(mysql_error());
while ($newArray = mysql_fetch_array($result))
{
$user_name = $newArray['user_name'];
$password = $newArray['password'];
}
echo "second test";
echo "<p style=\"color=blue\">$password</p>";
echo "<p style=\"color=red\">$sPassword</p>";
echo "<p style=\"color=blue\">$user_name</p>";
echo "<p style=\"color=red\">{$_SESSION['logname']}</p>";
i got this as output
first test
Notice: Undefined variable: password in C:\password_update.php on line 23
Notice: Undefined variable: user_name in C:\password_update.php on line 25
owilliams0001
second test
d8611198ea8421180df8e80eab0f2da1
owilliams0001
owilliams0001
which tells me that the first time nothing in the database is being seen but the second time i was able to retrieve both the username and the hashed password
which leads me to think that theirs something funny about the way the password is being retrieved... then i tried this
Code: Select all
$sql = "Select user_name, password FROM customer WHERE user_name= '{$_SESSION['logname']}' AND password != md5('$sPassword')";
$result = mysql_query($sql,$conn) or die(mysql_error());
while ($newArray = mysql_fetch_array($result))
{
$password = $newArray['password'];
$user_name = $newArray['user_name'];
}
echo "first test";
echo "<p style=\"color=blue\">$password</p>";
echo "<p style=\"color=red\">$sPassword</p>";
echo "<p style=\"color=blue\">$user_name</p>";
echo "<p style=\"color=red\">{$_SESSION['logname']}</p>";
and i got
first test
d8611198ea8421180df8e80eab0f2da1
owilliams0001
owilliams0001
second test
d8611198ea8421180df8e80eab0f2da1
owilliams0001
owilliams0001
which further leasds me to believe that there has to be something wrong with this and this is possibly the only issue
how do i fix it?