Hi.. Note that Iam quite new at this :)

What I try to do is to give the option to members to update/change their password or email.

How do I tell when nothing is entered in password field lets say not to POST anything.

The code below checks if username and password are filled but it always POST the new password even if you don't enter anything
plus I don't get POST email.

$E_Mail=$_POST['E_Mail'];
$Username=$_POST['Username'];
$Password=md5($_POST['Password']);
$New_Password=md5($_POST['New_Password']);

if (!($Username && $Password)) {include 'update account_members.php';
echo "<center><font color=#FF0000><font size=4><font weight=bold>Username & Password are REQUIRED!</font></font></font></center>";
exit();
}

$result = mysql_query("SELECT Password FROM Register WHERE Username='$Username'");

 if(!$result){
include 'update account_members.php';
echo "<center>Invalid Username</center>";
  }
  else

  if($Password!= mysql_result($result, 0)){
include 'update account_members.php';
echo "<center>Invalid Password</center>";
  }

if ($New_Password>0)
      $sql=mysql_query("UPDATE Register SET Password='$New_Password' WHERE Username='$Username'");
	if(sql)
exit();

if ($E_Mail>0)
  $sql=mysql_query("UPDATE Register SET E_Mail='$E_Mail' WHERE Username='$Username'");
	if(sql)
    {
      echo "<p>&nbsp;</p><p>&nbsp;</p><center><p>Update Successful!</p></center>";
}

Thank you.

Hi there,
the main thing is that you start with applying md5() to the password so even when the password was empty you get something (this: d41d8cd98f00b204e9800998ecf8427e). The solution is to test not $Password (that contains the md5 sum) but $_POST.

I'm not sure about what you mean by "plus I don't get POST email" but, if password change is successful you run exit(). So that could be the thing.

ok

changing md5 I don't get POST when the password field is empty.

What I mean with POSTemail is that my script stops after posting password

plus now instead of update succesful I get invalid passworsd even if is right

....

What I mean with POSTemail is that my script stops after posting password

Yes, that's because of the exit() statement. Just remove it and the script will continue.

plus now instead of update succesful I get invalid passworsd even if is right

Maybe you removed the md5() function completely, I don't know. Can you post the whole script as an attachment?

I post all my code.

I didn't put my connection string plus my authentication script cause they are tested and working just ok.

Either you forgot to attach the source code or you got the tenses wrong. Please re-read your posts in a preview before posting. They contain a lot of typing errors that further confuse the matter.

Did you mean you had already "postED" the source code? I wanted to see the code after you made the changes. I thought you said that it started to report invalid password after you made the change. So that's why I need to know how the code looks now.

This article has been dead for over six months. Start a new discussion instead.