member accound update

Question

Pavlos1316 0 Newbie Poster

15 Years Ago

Hi.. Note that Iam quite new at this :)

What I try to do is to give the option to members to update/change their password or email.

How do I tell when nothing is entered in password field lets say not to POST anything.

The code below checks if username and password are filled but it always POST the new password even if you don't enter anything
plus I don't get POST email.

$E_Mail=$_POST['E_Mail'];
$Username=$_POST['Username'];
$Password=md5($_POST['Password']);
$New_Password=md5($_POST['New_Password']);

if (!($Username && $Password)) {include 'update account_members.php';
echo "<center><font color=#FF0000><font size=4><font weight=bold>Username & Password are REQUIRED!</font></font></font></center>";
exit();
}

$result = mysql_query("SELECT Password FROM Register WHERE Username='$Username'");

 if(!$result){
include 'update account_members.php';
echo "<center>Invalid Username</center>";
  }
  else

  if($Password!= mysql_result($result, 0)){
include 'update account_members.php';
echo "<center>Invalid Password</center>";
  }

if ($New_Password>0)
      $sql=mysql_query("UPDATE Register SET Password='$New_Password' WHERE Username='$Username'");
	if(sql)
exit();

if ($E_Mail>0)
  $sql=mysql_query("UPDATE Register SET E_Mail='$E_Mail' WHERE Username='$Username'");
	if(sql)
    {
      echo "<p>&nbsp;</p><p>&nbsp;</p><center><p>Update Successful!</p></center>";
}

Thank you.

php

2 Contributors
5 Replies
130 Views
8 Hours Discussion Span
Latest Post 15 Years Ago Latest Post by petr.pavel

All 5 Replies

petr.pavel 19 Junior Poster

15 Years Ago

Hi there,
the main thing is that you start with applying md5() to the password so even when the password was empty you get something (this: d41d8cd98f00b204e9800998ecf8427e). The solution is to test not $Password (that contains the md5 sum) but $_POST.

I'm not sure about what you mean by "plus I don't get POST email" but, if password change is successful you run exit(). So that could be the thing.

petr.pavel 19 Junior Poster

15 Years Ago

What I mean with POSTemail is that my script stops after posting password

Yes, that's because of the exit() statement. Just remove it and the script will continue.

plus now instead of update succesful I get invalid passworsd even if is right

Maybe you removed the md5() function completely, I don't know. Can you post the whole script as an attachment?

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Pavlos1316 0 Newbie Poster · Answer 1 · 2008-06-10T16:08:18+00:00

ok

changing md5 I don't get POST when the password field is empty.

What I mean with POSTemail is that my script stops after posting password

plus now instead of update succesful I get invalid passworsd even if is right

....

Pavlos1316 0 Newbie Poster · Answer 2 · 2008-06-10T17:24:03+00:00

I post all my code.

I didn't put my connection string plus my authentication script cause they are tested and working just ok.

petr.pavel 19 Junior Poster · Answer 3 · 2008-06-10T17:48:56+00:00

Either you forgot to attach the source code or you got the tenses wrong. Please re-read your posts in a preview before posting. They contain a lot of typing errors that further confuse the matter.

Did you mean you had already "postED" the source code? I wanted to see the code after you made the changes. I thought you said that it started to report invalid password after you made the change. So that's why I need to know how the code looks now.

member accound update

Recommended Answers Collapse Answers

All 5 Replies

Recommended Answers