I am a traniee yet, and I've been working out on this code to let a member change his password using $_POST method, but i am missing something and i cant find out what it is, any quick help will be very appriciated.

This is the page for form using post.

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Change Password</title>
<style type="text/css">
<!--
body {margin: 0px}
-->
<body>

<form action="test.php" method="post">
Enter your email: <input type="text" name="email">
Enter your Present Password: <input type="password" name="oldpass">
Enter New Password: <input type="password" name="newpass1">
Re-enter New Password: <input type="password" name="newpass2">
<input type="submit" value="Submit">
</form>

</body>
</style></head>
</html>

and this is the page (test.php) where it will update password

<?php
session_start();

include 'connect_to_mysql.php';  

$email = $_POST['email'];
$password = md5($_POST['oldpass'];
$newpassword = md5($_POST['newpass1'];
$confirmnewpassword = md5($_POST['newpass2'];

$result = mysql_query("SELECT password FROM members WHERE email='$email'");
if(!$result)
{
echo "The email you entered does not exist";
}
else
if($password!= mysql_result($result, 0))
{
echo "You entered an incorrect password";
}
if($newpassword=$confirmnewpassword)
    $sql=mysql_query("UPDATE members SET password='$newpassword' where email='$email'");
    if($sql)
    {
    echo "Congratulations You have successfully changed your password";
    }
else
{
echo "The new password and confirm new password fields must be the same";
}
?>

It says "Parse error: syntax error, unexpected ';' in /home/u771899345/public_html/test.php on line 7"
I cant figure out what the problem is, please help!

Hi,

Try this..

    $password = md5($_POST['oldpass']);
    $newpassword = md5($_POST['newpass1']);
    $confirmnewpassword = md5($_POST['newpass2']);

plese try if it work, if it does let us know.

commented: thanx, it was a problem also. +0

Hello, is the problem with closing parenthesis, or other, maybe logical errors ?

  1. Error in form, you cannot wrap <style> within the body

I alter it, hope it working :)

---------------------------------------------------------------------------------------
1. form.php

<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <title>Change Password</title>
        <style type="text/css">
            body, table {font-family:Arial, Helvetica, sans-serif; font-size: 12px; color: #000 ;}
        </style>
    <body>
        <form action="form_p.php" method="post">
            <table>
                <tr>
                    <td>Enter your email:</td>
                    <td><input type="text" name="email"></td>
                </tr>
                <tr>
                    <td>Enter your Present Password:</td>
                    <td><input type="password" name="oldpass"></td>
                </tr>
                <tr>
                    <td>Enter New Password:</td>
                    <td><input type="password" name="newpass1"></td>
                </tr>
                <tr>
                    <td>Re-enter New Password:</td>
                    <td><input type="password" name="newpass2"></td>
                </tr>
                <tr>
                    <td>&nbsp;</td>
                    <td><input type="submit" value="Submit"></td>
                </tr>
            </table>
        </form>
    </body></head>
</html>
  1. form_p.php

    <?php
    session_start();
    include 'connect_to_mysql.php';

    $login_id = $_SESSION['login_id']; //pass session id after member logged in
    
    $email = $_POST['email'];
    $password = md5($_POST['oldpass']);
    $newpassword = md5($_POST['newpass1']);
    $confirmnewpassword = md5($_POST['newpass2']);
    
    $result = mysql_query("SELECT password FROM members WHERE email='$email' and id = '$login_id'");
    if (!$result) {
        echo "The email you entered does not exist";
    } 
    else {
        if ($password != mysql_result($result, 0, "password")) {
            echo "You entered an incorrect password";
        } 
        else {
            if ($newpassword = $confirmnewpassword) {
                $sql = mysql_query("UPDATE members SET password='$newpassword' where email='$email'");
    
                if ($sql) {
                    echo "Congratulations you have successfully changed your password";
                } else {
                    echo "Failed to update";
                }
            } 
            else {
                echo "New password and Confirm password not matched";
            }
        }
    }
    ?>
    
commented: thanx a lot man, you did a great help. +0

in the main post at line 21 (test.php)

if ($newpassword = $confirmnewpassword) {

are you assignning the vallues or for comparing the values of
($newpassword and confirmnewpassword)

let me clarify once pls

Further to all the other error corections you have received above, to check one variable equals another you need to use == not just = so change:

if ($newpassword == $confirmnewpassword)

Thanx all of you for so qucik reply but it still has some problem,
i am using now
form.php

    <!DOCTYPE HTML>
    <html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Change Password</title>
    <style type="text/css">
    body, table {font-family:Arial, Helvetica, sans-serif; font-size: 12px; color: #000 ;}
    </style>
    <body>
    <form action="form_p.php" method="post">
    <table>
    <tr>
    <td>Enter your email:</td>
    <td><input type="text" name="email"></td>
    </tr>
    <tr>
    <td>Enter your Present Password:</td>
    <td><input type="password" name="oldpass"></td>
    </tr>
    <tr>
    <td>Enter New Password:</td>
    <td><input type="password" name="newpass1"></td>
    </tr>
    <tr>
    <td>Re-enter New Password:</td>
    <td><input type="password" name="newpass2"></td>
    </tr>
    <tr>
    <td>&nbsp;</td>
    <td><input type="submit" value="Submit"></td>
    </tr>
    </table>
    </form>
    </body></head>
    </html>

as Dean8710 sujjested, and following is the form_p.php

    <?php
    session_start();
    include 'connect_to_mysql.php';
    $email = $_POST['email'];
    $password = md5($_POST['oldpass']);
    $newpassword = md5($_POST['newpass1']);
    $confirmnewpassword = md5($_POST['newpass2']);
    $result = mysql_query("SELECT password FROM members WHERE email='$email'");
    if(!$result)
    {
    echo "The email you entered does not exist";
    }
    else
    if($password!=mysql_result($result, 8))
    {
    echo "You entered an incorrect password";
    }
    if($newpassword=$confirmnewpassword)
    $sql=mysql_query("UPDATE members SET password='$newpassword' where email='$email'");
    if($sql)
    {
    echo "Congratulations You have successfully changed your password";
    }
    else
    {
    echo "The new password and confirm new password fields must be the same";
    }
    ?>

but it says that "Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 11 in form_p.php on line 14.

You entered an incorrect password"

I haven't looked at everything as you have one major glaring problem and that is your HTML structure - your head tag is supposed to close before your body tag opens, the body tags DO NOT go inside your head tags:

<!DOCTYPE HTML>
    <html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Change Password</title>
    <style type="text/css">
    body, table {font-family:Arial, Helvetica, sans-serif; font-size: 12px; color: #000 ;}
    </style>
    </head>
    <body>
    .
    .
    .
    </body>
    </html>

Sort this first.

as above said this line

mysql_result($result, 8) 

gives some error......... right

can you check for me the total no of members in your Members table?
(by manually)

i think that Members table does not contain as much as you specified in the query as above

check it once pls

and

let me know the status

You still haven't used the two equal signs as I said you need to but also, why not simplify things by doing your code liike this (also added some missing {} as you are mixing using them and not using them, bad preactice)

<?php
    session_start();
    include 'connect_to_mysql.php';
    $email = $_POST['email'];
    $password = md5($_POST['oldpass']);
    $newpassword = md5($_POST['newpass1']);
    $confirmnewpassword = md5($_POST['newpass2']);
    $query = mysql_query("SELECT password FROM members WHERE email='$email'");
    if(!$query)
    {
        echo "The email you entered does not exist";
    }
    else {
        $result = mysql_fetch_array($query);
        $currentpassword = $result['password'];
        if($password != $currentpassword)
        {
        echo "You entered an incorrect password";
        }
        if($newpassword == $confirmnewpassword) {
            $sql=mysql_query("UPDATE members SET password='$newpassword' where email='$email'");
            if($sql)
            {
                echo "Congratulations You have successfully changed your password";
            }
            else
            {
                echo "The new password and confirm new password fields must be the same";
            }
        }
    }
?>