Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 214
  • Last Modified:

Add a feature- Password change once logged in...

Hi,

How would I go about adding a feature in the 'members' area of my website which would allow a member to change their current password,
so there would be a box for their username, then old password, new password and verify new password.
Many thanks....
0
jasocke2
Asked:
jasocke2
  • 4
  • 4
1 Solution
 
dgrafxCommented:
<cfif isDefined("form.fieldnames")>
<cfif form.password neq form.verify>
Do a script telling that passwords do not match and send back to form
<cfabort>
</cfif>

<CFQUERY datasource="#Request.Datasource#">
Update YourTable
SET Password = '#form.password#'
WHERE UserID = '#session.UserID#' <!--- or whatever your unique id is --->
and Password = '#form.oldpassword#'
</CFQUERY>            
</cfif>

<CFQUERY datasource="#Request.Datasource#" name="getUser">
Select fields
From YourTable
WHERE UserID = '#session.UserID#' <!--- or whatever your unique id is --->
</CFQUERY>      
      
<cfoutput query="getUser">
<FORM ACTION="thispage" METHOD="post">
Current Password<br>
<input type="password" name="oldpassword" value="#password#"><br><br>
New Password<br>
<input type="password" name="password" value=""><br><br>
Verify New Password<br>
<input type="password" name="verify" value=""><br><br>
</FORM>
</cfoutput>
0
 
jasocke2Author Commented:
Hi,

All that works fine!I've just changed it around abit so you put your user_id in and put your old password in, then your new one....

But I need abit of code that a message comes up if the user_ID and oldpassword dont match...

any ideas?

Thanks...
below is a cut down version of the code!!

<cfif isDefined("form.fieldnames")>
<cfif form.password neq form.verify>
Your new passwords dont match, please try again!!
<cfabort>
</cfif>

<CFQUERY datasource="jasvasquez-access">
Update users
SET Password = '#form.password#'
WHERE User_ID = '#form.User_ID#'
and Password = '#form.oldpassword#'
</CFQUERY>
</cfif>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>
Updated
</body>
</html>
0
 
dgrafxCommented:
<cfif form.password neq form.verify>
<script>
alert("Your new passwords dont match, please try again!!")
history.go(-1)
</script>
<cfabort>
</cfif>
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
jasocke2Author Commented:
thanks... Ive put that in but that isn't what I meant sorry!!

I need an error messgae like that but checks that the username and password are right, so if the username is test and the password is test1 but the user puts test2 as the password an error message comes up!!
Thanks
0
 
dgrafxCommented:
In the update query - you'll see the code:
and Password = '#form.oldpassword#'
which requires the old password to be correct

If you need an alert then add another form field and use code below.
You'll then need to change form.oldpassword to listlast(form.oldpassword) in other areas of your code

<cfif listfirst(form.oldpassword) neq listlast(form.oldpassword)>
<script>
alert("Your existing password is incorrect!")
history.go(-1)
</script>
<cfabort>
</cfif>
Existing Password
<input type="hidden" name="oldpassword" value="#password#">
<input type="password" name="oldpassword" value="#password#">
0
 
jasocke2Author Commented:
hi,
 thanks!!
almost got it to work....
but if you put a different old password a messgae box doesnt pop up, it says 'updated' but doesnt actually update it...

this is my first bit of code for the input page...

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>
<body>
<FORM ACTION="changepw2.cfm" METHOD="post">
  <p>User ID <br>
    <input type="text" name="user_ID" value="">
</p>
  <p>Current Password<br>
      <input type="password" name="oldpassword" value="">
      <br>
      <br>
    New Password<br>
    <input type="password" name="password" value="">
    <br>
    <br>
    Verify New Password<br>
    <input type="password" name="verify" value="">
    <br>
    <br>
    <input name="submit" type="submit" value="submit">
    </p>
  </FORM>
</body>
</html>
 
.................................................... and this is the changepw2.cfm

<cfif listlast(form.password) neq form.verify>
<script>
alert("Your new passwords dont match, please try again!!")
history.go(-1)
</script>
<cfabort>
<cfif listfirst(form.oldpassword) neq listlast(form.oldpassword)>
<script>
alert("Your existing password is incorrect!")
history.go(-1)
</script>
<cfabort>
<CFQUERY datasource="jasvasquez-access">
Update users
SET Password = listlast('#form.password#')
WHERE User_ID = '#form.User_ID#'
and Password = '#form.oldpassword#'
</CFQUERY>
</cfif>
</cfif>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>
<body>
Updated
</body>
</html>

sorry for all the questions!!
Thanks...
James
...the points will be comming your way...
0
 
jasocke2Author Commented:
if you put two non matching new passwords the error box comes up then...
many thanks..
James
0
 
dgrafxCommented:
my solution should work - thanks ...
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now