Code: Select all
<?php
//start session
session_start();
//include mysql_connection.php to connect to the database
require_once("mysql_connection.php");
if(!isset($_SESSION['user'])){
header("location:index.php");
}
// Define $myusername and $mypassword
$newLoginName=$_POST['newLoginName'];
$newFirstName=$_POST['newFirstName'];
$newLastName=$_POST['newLastName'];
$newEmailAdd=$_POST['newEmailAdd'];
//form processing
$newPassWord = $_POST['newPassWord'];
$newPassWord = mysql_real_escape_string($newPassWord);
// Generate a random salt
$salt = substr(md5(uniqid(rand(), true)), 0, 5);
// Hash password
$secure_password = md5($salt . md5($newPassWord));
// update data in mysql database
$sql="UPDATE $tbl_name SET loginName = '$newLoginName', passWord = '$secure_password', firstName = '$newFirstName', lastName='$newLastName', emailAdd='$newEmailAdd'";
$result=mysql_query($sql);
// if successfully updated.
if($result){
$updateSuccess = "<b>SUCCESS</b>: Your account has been updated.";
}
else {
$updateError = "<b>ERROR</b>: Server is busy. Please try again later.";
}
?>here is the checklogin.php code for my login:
Code: Select all
<?php
//start session
session_start();
//include mysql_connection.php to connect to the database
require_once("mysql_connection.php");
// Define $myusername and $mypassword
$myusername=$_POST['username'];
$mypassword=$_POST['password'];
// To protect MySQL injection
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT id, firstName, lastName FROM $tbl_name WHERE loginName='$myusername' and passWord='$mypassword'";
$result=mysql_query($sql);
//code to check for errors
if (!$result) {
echo "Could not successfully run query ($sql) from DB: " . mysql_error();
exit;
}
$count=mysql_num_rows($result);
if ($count==1) {
$data = mysql_fetch_assoc($result);
$_SESSION['user'] = array('id' => $data['id'], 'realName'=>$data['firstName'] . ' ' . $data['lastName']);
header("location:main.php");
exit();
}
else {
$error = "<b>ERROR</b>: Invalid Username / Password";
}
?>Really need your help.
Thanks in advance.