0

I have the below codes working for only the first user. The challenge here is; only the first user can change password, new users can't.

Error Messaage "Old password is wrong"

I am hoping that someone can assist me in correcting what I have already done to make it work.

<?php   
error_reporting(E_ERROR | E_PARSE);
session_start();
$ac = $_SESSION['account_number'];

$link=mysqli_connect('localhost','root','');
  if(!$link)
    {
      die('Connection failed: '.mysql_error());
    }
     mysqli_select_db($link,'login_portal');
  $row=mysqli_query($link, "select user_name from Login where account_number = '$ac' ");
  $row1=mysqli_fetch_array($row);
  ?>
<!DOCTYPE html>
<html>
<head>
<title>Change Password</title>
<link href="styles.css" rel="stylesheet" type="text/css">
</head>
<body>
  <table align="center" cellpadding="0" cellspacing="1" class="graybox">
      <tbody>

<td width="800" valign="top" class="contentArea">
    <table width="100%" border="0" cellspacing="0" cellpadding="20">
        <tbody><tr>
          <td>
<p>&nbsp;</p>
  <form action="chang_pass_script.php" method="post">
    <table border="0" cellpadding="5" cellspacing="1" class="entryTable">
      <tbody>
        <tr>
        <td width="160" height="30" class="label"><font size="2">User Name</font></td>
        <td height="30" class="content">    
      <input type="text" size="40" name="username" value="<? echo $row1['user_name'];?>">
    </td>
      </tr>
      <tr>
        <td width="160" height="30" class="label"><font size="2">Number
          <input type="text" size="40" name="account" value="<? echo $ac;?>" readonly ></td>
      </tr>
      <tr>
        <td width="160" height="30" class="label"><font size="2">Current Password</font></td>
        <td height="30" class="content">
    <span> 
              <input name="oldPass" type="password"  size="30" required><br>
    </span>
    </td>
      </tr>
      <tr>
        <td width="160" height="30" class="label"><font size="2">New Password</font></td>
        <td height="30" class="content">
    <span> 
              <input name="nPass" type="password"  size="30" required><br>
    </span>
    </td>
      </tr>

    <tr>
        <td width="160" height="30" class="label"><font size="2">Confirm New Password</font></td>
        <td height="30" class="content">
    <span> 
              <input name="cPass" type="password" size="30" required><br>
      </span>
    </td>
      </tr>
      <tr>
        <td height="30">&nbsp;</td>
        <td height="30"><input type="Submit" name="Submit" value="CHANGE PASSWORD"></td>
      </tr>
    </tbody></table>
  </form>
  </td>
        </tr>
        </tbody></table>
  </td>
  </tr>
  <tr>
    </tr>
</tbody></table>
  </body>
</html>
<?php
  //session_destroy();
?> 

Chang_pass_script.php

<?php
$link=mysqli_connect('localhost','root','');
  if(!$link)
    {
      die('Connection failed: '.mysql_error());
    }
     mysqli_select_db($link,'login_portal');

 if(isset($_POST['Submit']))
    {
    $ac = $_POST['account'];

    $old_pass=$_POST['oldPass'];

    $new_pass=$_POST['nPass'];

    $re_pass=$_POST['cPass'];

    $chg_pwd=mysqli_query($link, "select account_number,password from Login");

    $chg_pwd1=mysqli_fetch_array($chg_pwd);

    $data_pwd=$chg_pwd1['password'];

    $data_ac = $chg_pwd1['account_number'];

    if($data_pwd==$old_pass){

    if($new_pass==$re_pass){

      $update_pwd=mysqli_query($link, "update Login set password='$new_pass' where account_number='$data_ac'");

      echo "<script>alert('Update Sucessfully'); window.location='dashboard.php'</script>";
    }
    else{
      echo "<script>alert('Your new and Retype Password is not match'); window.location='chang_pass.php'</script>";
    }
    }
    else
    {
    echo "<script>alert('Your old password is wrong'); window.location='chang_pass.php'</script>";
    }}
?>
2
Contributors
1
Reply
8
Views
4 Months
Discussion Span
Last Post by hericles
1

I don't see whre you're selecting the old password for the user, other than this:
$chg_pwd=mysqli_query($link, "select account_number,password from Login");

And that doesn't get the details for the particular user which makes me think you're just retrieving the first user each time.

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.