web_dev
asked on
Change Password
Hi i have created a login script using the tutorial follwing:
http://www.phpfreaks.com/tutorials/40/0.php
it send a generated password to the user via email but does not inlude a script to change the password after activation of the email address and username. Take a look at the link so you can see how the code works. I have got some code but get the follwing error:
Parse error: parse error, unexpected T_STRING in /changepw.php on line 10
Code: this code is called from a form on a html page
-------------------------- ---------- ---------- -changepw. php------- ---------- ---------- ---------- -
<?
function change_pass($old_pass1, $new_pass1, $new_pass2, $user) {
$oldpass = md5($old_pass1);
$queryoldpass = mysql_query("SELECT PASSWORD FROM users WHERE username = ".$user." AND password = ".$oldpass."");
if($new_pass1 == $new_pass2) {
if($queryoldpass) {
$newpass = md5($new_pass1);
$updatepass = mysql_query("UPDATE PASSWORD FROM users WHERE PASSWORD = ".$oldpass." VALUES ('".$newpass."')";
if(!$updatepass="") {
echo "Error!";
exit;
} else {
echo "Password Updated!";
}
} else {
echo "Paswords DO NOT Match!";
}
}
?>
-------------------------- ---------- ---------- ---------- ---------- ---------- ---------- -----
Thanks,
Web_Dev
http://www.phpfreaks.com/tutorials/40/0.php
it send a generated password to the user via email but does not inlude a script to change the password after activation of the email address and username. Take a look at the link so you can see how the code works. I have got some code but get the follwing error:
Parse error: parse error, unexpected T_STRING in /changepw.php on line 10
Code: this code is called from a form on a html page
--------------------------
<?
function change_pass($old_pass1, $new_pass1, $new_pass2, $user) {
$oldpass = md5($old_pass1);
$queryoldpass = mysql_query("SELECT PASSWORD FROM users WHERE username = ".$user." AND password = ".$oldpass."");
if($new_pass1 == $new_pass2) {
if($queryoldpass) {
$newpass = md5($new_pass1);
$updatepass = mysql_query("UPDATE PASSWORD FROM users WHERE PASSWORD = ".$oldpass." VALUES ('".$newpass."')";
if(!$updatepass="") {
echo "Error!";
exit;
} else {
echo "Password Updated!";
}
} else {
echo "Paswords DO NOT Match!";
}
}
?>
--------------------------
Thanks,
Web_Dev
exit is a function, and should therefore be written exit(). But that's line 11, so try it and post again if you get the same error.
ASKER
yeh that worked i got an error on line 8 saying unexpected ; so i took that out and now i get the following error
Parse error: parse error, unexpected T_IF in /changepw.php on line 9
Parse error: parse error, unexpected T_IF in /changepw.php on line 9
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
ok i implemented your code and all i get is a blank page back....
Are you calling the function?
ASKER
from where?
ASKER
and how?
Someplace you have a form that prompts the user for their user name, old password, and new password, perhaps in a file called getnewpassword.html. Then you submit that form to some page, perhaps called changepassword.php, which includes the function we're writing in this post. Then you have to call the function with the variables from the form, something like
extract($HTTP_POST_VARS);
change_pass($old_pass, $new_pass1, $new_pass2, $user);
where old_pass, new_pass1, new_pass2, and user are the names of the form elements from the previous page (e.g., you have <input type="password" name="old_pass">)
extract($HTTP_POST_VARS);
change_pass($old_pass, $new_pass1, $new_pass2, $user);
where old_pass, new_pass1, new_pass2, and user are the names of the form elements from the previous page (e.g., you have <input type="password" name="old_pass">)
ASKER
where do i put that in the form or top of the page? .....
ASKER
right i call the function at the top of the php page and it just displays wrong user/pass when details are correct i have check everything now cant change anything
ASKER
Hi i found out why it keeps displaying wrong username/password. I changed the password in the DB so it is not encrypted and it successfully changed the password. it doesn't match the old password with the encrypted password. how do i do that?
ASKER
Dont worry now i worked it out...what i done was to put
$oldpass = md5($old_pass1);
before the
$queryoldpass = mysql_query("SELECT username FROM users WHERE username = '$username' AND PASSWORD = '$oldpass'") or die(mysql_error());
Thanks for your help...
Web_Dev
$oldpass = md5($old_pass1);
before the
$queryoldpass = mysql_query("SELECT username FROM users WHERE username = '$username' AND PASSWORD = '$oldpass'") or die(mysql_error());
Thanks for your help...
Web_Dev