Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

PHP Change password script issue

Posted on 2007-12-05
7
Medium Priority
?
7,556 Views
Last Modified: 2012-05-05
Hi all,

i am working on a Password change script for my site. The below script works a treat all except for one thing. If a user enters an email address thats not in the database the script errors.

Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 3 in /home/user/public_html/sr_Change_Password_Script.php on line 39

As i said other than this issue the script works.

I have a page with a form that passes the POST data to this script.

The script seems to have a problem when the $result doesnt get any data. At least thats what i think based on there error

Hope you can help


<?php  
 
session_start(); 
 
include 'Connections/EE_con.php';  
 
 
 
$useremail = $_POST['user_email']; 
$password = $_POST['cur_password']; 
$newpassword = $_POST['new_password']; 
$confirmnewpassword = $_POST['con_password']; 
 
if(!$useremail){
$message = "You have not entered an email address";
header("Location: sr_Change_Password.php?message=$message");
exit();
}
else{
////////////////////////////////
 
mysql_select_db($database_EE_con, $EE_con);
     $query_rstUser = sprintf("SELECT user_password FROM users WHERE user_email='$useremail'");
         
     $result = mysql_query($query_rstUser, $EE_con) or die(mysql_error());
     $row_rstUser = mysql_fetch_assoc($result);
 
 
///////////////////////////////////////
 
if(!$result)  
{  
$message = "The username you entered does not exist";
	header("Location: sr_Change_Password.php?message=$message");
	exit();
}else
if(sha1($password)!= mysql_result($result, 0))  
{  
//echo "You entered an incorrect password";  
$message = "You entered an incorrect password";
	header("Location: sr_Change_Password.php?message=$message");
	exit();
 
}  
 
if(!$newpassword){
 
$message = "You must enter a password";
header("Location: sr_Change_Password.php?message=$message");
}
 
if($newpassword == $confirmnewpassword)  
    $sql=mysql_query("UPDATE users SET user_password='".sha1($newpassword)."' where user_email='$useremail'");  
    if($sql)  
    {  
    //echo "Congratulations You have successfully changed your password";  
	$message = "Congratulations You have successfully changed your password";
	header("Location: sr_Change_Password.php?message=$message");
exit();
    } 
else 
{  
//echo "The new password and confirm new password fields must be the same";
$message = "The new password and confirm new password fields must be the same";
	header("Location: sr_Change_Password.php?message=$message");
exit();
}   
}
 
?>

Open in new window

0
Comment
Question by:satmanuk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 6

Accepted Solution

by:
CasUK earned 2000 total points
ID: 20411349
Change line 31:

if (mysql_num_rows($result) == 0){

0
 
LVL 17

Expert Comment

by:nplib
ID: 20411966
mysql_result($result, 0) this needs another paramter,
mysql_result($result, 0, "user_password");
the mysql_result() function works as follows,

mysql_result(query_results, row_number, field);

row_number begins at 0.
0
 
LVL 17

Expert Comment

by:nplib
ID: 20411988
however since you did this,
$row_rstUser = mysql_fetch_assoc($result);

you could replace your mysql_result() function with
$row_rstUser['user_password']

so this
if(sha1($password)!= mysql_result($result, 0, "user_password"))
or
if(sha1($password)!= $row_rstUser['user_password'])

should work
0
Survive A High-Traffic Event with Percona

Your application or website rely on your database to deliver information about products and services to your customers. You can’t afford to have your database lose performance, lose availability or become unresponsive – even for just a few minutes.

 
LVL 1

Author Comment

by:satmanuk
ID: 20412865
I tried what you said nplib but i still get the same error.

CasUK - Yours worked.

Thanks!
0
 
LVL 1

Author Closing Comment

by:satmanuk
ID: 31412840
thanks
0
 
LVL 17

Expert Comment

by:nplib
ID: 20412890
how can if(sha1($password)!= $row_rstUser['user_password']) give the same error when it's not invoking the mysql_results() function?
0
 
LVL 1

Author Comment

by:satmanuk
ID: 20413027
may be not the same error on both of your suggestions but both error'd
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question