Solved

PHP Change password script issue

Posted on 2007-12-05
7
7,545 Views
Last Modified: 2012-05-05
Hi all,

i am working on a Password change script for my site. The below script works a treat all except for one thing. If a user enters an email address thats not in the database the script errors.

Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 3 in /home/user/public_html/sr_Change_Password_Script.php on line 39

As i said other than this issue the script works.

I have a page with a form that passes the POST data to this script.

The script seems to have a problem when the $result doesnt get any data. At least thats what i think based on there error

Hope you can help


<?php  
 

session_start(); 
 

include 'Connections/EE_con.php';  
 
 
 

$useremail = $_POST['user_email']; 

$password = $_POST['cur_password']; 

$newpassword = $_POST['new_password']; 

$confirmnewpassword = $_POST['con_password']; 
 

if(!$useremail){

$message = "You have not entered an email address";

header("Location: sr_Change_Password.php?message=$message");

exit();

}

else{

////////////////////////////////
 

mysql_select_db($database_EE_con, $EE_con);

     $query_rstUser = sprintf("SELECT user_password FROM users WHERE user_email='$useremail'");

         

     $result = mysql_query($query_rstUser, $EE_con) or die(mysql_error());

     $row_rstUser = mysql_fetch_assoc($result);
 
 

///////////////////////////////////////
 

if(!$result)  

{  

$message = "The username you entered does not exist";

	header("Location: sr_Change_Password.php?message=$message");

	exit();

}else

if(sha1($password)!= mysql_result($result, 0))  

{  

//echo "You entered an incorrect password";  

$message = "You entered an incorrect password";

	header("Location: sr_Change_Password.php?message=$message");

	exit();
 

}  
 

if(!$newpassword){
 

$message = "You must enter a password";

header("Location: sr_Change_Password.php?message=$message");

}
 

if($newpassword == $confirmnewpassword)  

    $sql=mysql_query("UPDATE users SET user_password='".sha1($newpassword)."' where user_email='$useremail'");  

    if($sql)  

    {  

    //echo "Congratulations You have successfully changed your password";  

	$message = "Congratulations You have successfully changed your password";

	header("Location: sr_Change_Password.php?message=$message");

exit();

    } 

else 

{  

//echo "The new password and confirm new password fields must be the same";

$message = "The new password and confirm new password fields must be the same";

	header("Location: sr_Change_Password.php?message=$message");

exit();

}   

}
 

?>

Open in new window

0
Comment
Question by:satmanuk
  • 3
  • 3
7 Comments
 
LVL 6

Accepted Solution

by:
CasUK earned 500 total points
ID: 20411349
Change line 31:

if (mysql_num_rows($result) == 0){

0
 
LVL 17

Expert Comment

by:nplib
ID: 20411966
mysql_result($result, 0) this needs another paramter,
mysql_result($result, 0, "user_password");
the mysql_result() function works as follows,

mysql_result(query_results, row_number, field);

row_number begins at 0.
0
 
LVL 17

Expert Comment

by:nplib
ID: 20411988
however since you did this,
$row_rstUser = mysql_fetch_assoc($result);

you could replace your mysql_result() function with
$row_rstUser['user_password']

so this
if(sha1($password)!= mysql_result($result, 0, "user_password"))
or
if(sha1($password)!= $row_rstUser['user_password'])

should work
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 1

Author Comment

by:satmanuk
ID: 20412865
I tried what you said nplib but i still get the same error.

CasUK - Yours worked.

Thanks!
0
 
LVL 1

Author Closing Comment

by:satmanuk
ID: 31412840
thanks
0
 
LVL 17

Expert Comment

by:nplib
ID: 20412890
how can if(sha1($password)!= $row_rstUser['user_password']) give the same error when it's not invoking the mysql_results() function?
0
 
LVL 1

Author Comment

by:satmanuk
ID: 20413027
may be not the same error on both of your suggestions but both error'd
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Introduction Since I wrote the original article about Handling Date and Time in PHP and MySQL (http://www.experts-exchange.com/articles/201/Handling-Date-and-Time-in-PHP-and-MySQL.html) several years ago, it seemed like now was a good time to updat…
This article discusses four methods for overlaying images in a container on a web page
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now