PHP RSS PHP RSS

going mad now mysql db password change fails

Reply

Join Date: Sep 2009
Posts: 70
Reputation: j_limboo is an unknown quantity at this point 
Solved Threads: 0
j_limboo j_limboo is offline Offline
Junior Poster in Training

going mad now mysql db password change fails

 
0
  #1
Oct 15th, 2009
PHP Syntax (Toggle Plain Text) 
  1. Newbee in php
  2. Below is my table and script, I know it should change the password
  3. I am using a registration application
  4. the password is saved in this manner
  5. 1d7d2fcc49f157c0be4456580011a58d469c71b6
  6. I could not make out if this is a md5.
  7. I echoed the php, the password i type in the form, it shows different.
  8. now you must be thinking i typed the wrong password
  9. I can login to the web application with the password but using the same password i cannot change
  10. Please advice
  11.  
  12.  
  13. `users` (
  14.   `id` int(255) unsigned NOT NULL AUTO_INCREMENT,
  15.   `username` varchar(100) NOT NULL,
  16.   `firstname` varchar(50) DEFAULT NULL,
  17.   `lastname` varchar(50) DEFAULT NULL,
  18.   `password` varchar(40) NOT NULL,
  19.   `active` int(1) NOT NULL DEFAULT '0',
  20.   `ip` text NOT NULL,
  21.   `usergroup` text NOT NULL,
  22.   `datasource_id` int(3) unsigned DEFAULT '0',
  23.   `last_login` int(14) DEFAULT NULL,
  24.   `day_limit` int(3) unsigned DEFAULT NULL,
  25.   `language` varchar(5) NOT NULL DEFAULT 'en',
  26.   `email` varchar(100) DEFAULT NULL,
  27.   `pwd_updated` int(14) unsigned DEFAULT NULL,
  28.   `created` int(14) unsigned NOT NULL DEFAULT '0',
  29.   `owner_id` int(255) NOT NULL DEFAULT '0',
  30.   `modified` int(14) unsigned DEFAULT NULL,
  31.   `updated` int(14) unsigned DEFAULT NULL,
  32.   PRIMARY KEY (`id`),
  33.   UNIQUE KEY `login` (`username`),
  34.   KEY `active` (`active`),
  35.   KEY `password` (`password`)
  36. ) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=4 ;
  37.  
  38.  
  39.  
  40.  
  41. /*
  42. <?
  43. $host="localhost";          // Host name 
  44. $username="root";        // Mysql username 
  45. $password="brijpuja1"; // Mysql password 
  46. $db_name="newsumo";  // Database name 
  47. $tbl_name="users";     // Table name 
  48.  
  49. $username=$_POST['username'];
  50. $oldpass=$_POST['oldpass']; 
  51. $newpass=$_POST['newpass']; 
  52. $conpass=$_POST['confirmpass'];
  53.  
  54. $encry_oldpass=md5($oldpass);          //encrypting old password
  55. echo "$encry_oldpass";
  56.  
  57. /*  Test OK
  58. echo $username;
  59. echo "<br />";
  60. echo $oldpass;
  61. echo "<br />";
  62. echo $encry_oldpass;
  63. echo "<br />";
  64. die();   */
  65.  
  66. $con=mysql_connect("$host","$username","$password");
  67. mysql_select_db("$db_name",$con);
  68.  
  69. $result=mysql_query("SELECT * FROM $tbl_name WHERE username='$username' and password='$encry_oldpass'");
  70. $count=mysql_num_rows($result);
  71.  
  72. if((!empty($newpass)&&!empty($conpass))&&($newpass==$conpass)&&($count==1))
  73.  {
  74.       $encry_conpass=md5($conpass);//encrypting confirm password
  75.  
  76.       $result2=mysql_query("UPDATE $tbl_name SET password='$encry_conpass' WHERE username='$username' and password='$encry_oldpass'");
  77.  
  78.       echo "Password Chamged Successfully"; 
  79.       //header("location:...............");	  // redirect to login page
  80.  
  81.  }
  82.  else
  83.  {
  84.       echo"Password Change Fails";	 
  85.       //header("location:...............");	  // redirect to password change page
  86.  }
  87. ?>
  88. */
Last edited by j_limboo; Oct 15th, 2009 at 9:48 pm.
Reply With Quote Quick reply to this message  
Join Date: Aug 2007
Posts: 794
Reputation: darkagn has a spectacular aura about darkagn has a spectacular aura about darkagn has a spectacular aura about 
Solved Threads: 110
darkagn's Avatar
darkagn darkagn is offline Offline
Master Poster
 
0
  #2
Oct 16th, 2009
This section is commented out:
php Syntax (Toggle Plain Text) 
  1. <?
  2. $host="localhost"; // Host name
  3. $username="root"; // Mysql username
  4. $password="brijpuja1"; // Mysql password
  5. $db_name="newsumo"; // Database name
  6. $tbl_name="users"; // Table name
  7.  
  8. $username=$_POST['username'];
  9. $oldpass=$_POST['oldpass'];
  10. $newpass=$_POST['newpass'];
  11. $conpass=$_POST['confirmpass'];
  12.  
  13. $encry_oldpass=md5($oldpass); //encrypting old password
  14. echo "$encry_oldpass";
But I think you need it to connect to the database and retrieve the details from the form. You should also validate all $_POST variables.

Also, you set $username to "root", then overwrite it with $_POST["username"]. You need to make sure they are different variables.
There are no stupid questions, only those too stupid to ask for help.
echo is a web developer's best friend.
Reply With Quote Quick reply to this message  
Join Date: Sep 2009
Posts: 70
Reputation: j_limboo is an unknown quantity at this point 
Solved Threads: 0
j_limboo j_limboo is offline Offline
Junior Poster in Training
 
0
  #3
Oct 16th, 2009
Let me check this
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
Message:



Similar Threads
Other Threads in the PHP Forum
Thread Tools Search this Thread



advanced apache api array beginner binary broken cakephp checkbox class cms code cookies cron curl database date datepart display dropdownlist dynamic echo email eregi error execution file files folder form forms function functions google head href htaccess html if...loop image include includingmysecondfileinthechain insert ip javascript job joomla jquery key library limit link login mail menu mlm multiple mysql oop password paypal pdf pdfdownload php phpvotingscript problem query radio random recursion remote screen script search server sessions smarty sms soap sorting source space sql startup stored syntax system table traffic tutorial update upload url validator variable video web xml youtube zend
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC