Member Avatar for patk570

Hello, I found this script and have used it for my login system.

http://www.wikihow.com/Discussion:Create-a-Secure-Login-Script-in-PHP-and-MySQL

I have changed some variables but none the less its the same.

I am trying to create a reset password script here is what i tried so far:

function resetPassword(){

    //Main Info
    $id = $_POST['id']; 
    $email = $_POST['email']; 
    $pass= $_POST['password'];
    //salt and pass info
    $random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
    $password = hash('sha512', $pass.$random_salt);
    //Run the Query
    $update_stmt = $mysqli->prepare("UPDATE members SET password='$password' AND salt='$random_salt' WHERE id = ?");
    $update_stmt->bind_param('s', $id);
    if($update_stmt->execute()) {
    if(login($email, $password, $mysqli) == true) {
        header('Location: ../signin.php?pass=1'); 
        }else {
        header('Location: ../passreset.php?error=1'); 
        }
    }
}

but its not updating the password in the database. I have it in a functions.php page to enable it to work and be called. any ideas why its not working?

  • 3 Contributors
  • 3 Replies
  • 311 Views
  • 11 Hours Discussion Span
  • Latest Post Latest Post by patk570

Recommended Answers

All 3 Replies

Member Avatar for Sikander Nasar

Can you try mysql at the place of mysqli.
I think this will help.

Edited by Sikander Nasar
Member Avatar for pritaeas 
UPDATE members SET password='$password', salt='$random_salt' WHERE id = ?

The AND is messing it up, thus the query fails.

Member Avatar for patk570

Ahh thanks pritaeas!, Sikander, mysql is outdated and will not use it. I perfer mysqli or PDO Thanks though.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.