0

My forgot password is not updating the token table nor is it updating the password when changes it keeps echoing the error message below is the form code:

Forgot Password</strong></h3>
      <form name="forgot" method="POST" id="forgot" action="includes/reset.php">
        <div align="center">
          <table width="372" border="0">
            <tr>
              <td width="181"><p> </p>
                <p><strong>Password</strong></p></td>
              <td width="181"><span id="sprytextfield1"><br />
                <label for="label"></label>
                <input type="password" name="passsowrd" id="password" />
                <span class="textfieldRequiredMsg">Your password is required</span></span></td>
</tr>
            <tr>
              <td><p> </p>
                <p><strong>Confenter code hereirm Password</strong></p></td>
              <td><span id="spryconfirm2">
                <label for="password"></label>
                <input type="password" name="password2" id="password" />
                <span class="confirmRequiredMsg">A value is required.</span><span class="confirmInvalidMsg">The values don't match.</span></span></td>
</tr>
</table>
</div>
    <div align="center">
      <p> </p>
      <table width="98" border="0">
        <tr>
          <th width="44" scope="row"><input type="submit" name="submit" id="submit" value="submit" /></th>
          <th width="44" scope="row"><input type="reset" name="clear" id="clear" value="Clear" /></th>
        </tr>
      </table>
    </div>
    <div align="center">
      <table width="372" border="0">
        <tr> </tr>
        <tr> </tr>
      </table>
    </div>
  </form>

and the reset.php is:

<?php
session_start();
error_reporting(0);
$token=$_GET['token'];
include("settings.php");
connect();
if(!isset($_POST['password'])){
$q="select email from tokens where token='".$token."' and used=0";
$r=mysql_query($q);
while($row=mysql_fetch_array($r))
   {
$email=$row['email'];
   }
If ($email!=''){
          $_SESSION['email']=$email;
}
else die("Invalid link or Password already changed  <a href='../index.php'>Click here to go back to the HOME PAGE<a/>");}

$pass=$_POST['password'];
$email=$_SESSION['email'];

if(isset($_POST['password'])&&isset($_SESSION['email']))
{
$q="update registration set password='".md5($pass)."' where email='".$email."'";
$r=mysql_query($q);
if($r)mysql_query("update tokens set used=1 where token='".$token."'");echo "Your password is changed successfully  <a href='../index.php'>Click here to go back to the HOME PAGE<a/>";
if(!$r)echo "An error occurred";
    }

so the issue is the following error message is echoed all the time: Invalid link or Password already changed.

also if i add the following to the php code:

if(!isset($pass)){
echo '<form method="post">
enter your new password:<input type="password" name="password" />
<input type="submit" value="Change Password">
</form>
';}

then it works but opens it in new blank page which is un professional thats y am trying to add it to the html. any suggestions thanks.

3
Contributors
11
Replies
45
Views
4 Years
Discussion Span
Last Post by php.coder
0

thanks for the reply but the token nor the email is being selected still echoing the same thing: select email from tokens where token='' and used=0
Invalid link or Password already changed Click here to go back to the HOME PAGE. and no error

Edited by php.coder

0

it is being called in the php NOTE that the when i add:

if(!isset($pass)){
echo '<form method="post">
enter your new password:<input type="password" name="password" />
<input type="submit" value="Change Password">
</form>
';}

it works but i removed it because i want to put it in the HTML form.

0

the token is a unique generated chars which help the application to recognize who has requested for a password

-1

You are trying to read that from the GET, but you haven't specified it anywhere. I'd expect it to be in the form's action.

0

but i mean if i add the

if(!isset($pass)){
echo '<form method="post">
enter your new password:<input type="password" name="password" />
<input type="submit" value="Change Password">
</form>
';}

it works perfectly meaning that if the HTML form wasnt there it works but with a plain page it get the token but because i added the HTML form it doesnt work

-3

@pritaeas this post has no solution thanks for the help but delete it it wont help any one as it hasnt helped me

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.