PHP Change password script issue

Hi all,

i am working on a Password change script for my site. The below script works a treat all except for one thing. If a user enters an email address thats not in the database the script errors.

Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 3 in /home/user/public_html/sr_Change_Password_Script.php on line 39

As i said other than this issue the script works.

I have a page with a form that passes the POST data to this script.

The script seems to have a problem when the $result doesnt get any data. At least thats what i think based on there error

Hope you can help


<?php  
 
session_start(); 
 
include 'Connections/EE_con.php';  
 
 
 
$useremail = $_POST['user_email']; 
$password = $_POST['cur_password']; 
$newpassword = $_POST['new_password']; 
$confirmnewpassword = $_POST['con_password']; 
 
if(!$useremail){
$message = "You have not entered an email address";
header("Location: sr_Change_Password.php?message=$message");
exit();
}
else{
////////////////////////////////
 
mysql_select_db($database_EE_con, $EE_con);
     $query_rstUser = sprintf("SELECT user_password FROM users WHERE user_email='$useremail'");
         
     $result = mysql_query($query_rstUser, $EE_con) or die(mysql_error());
     $row_rstUser = mysql_fetch_assoc($result);
 
 
///////////////////////////////////////
 
if(!$result)  
{  
$message = "The username you entered does not exist";
	header("Location: sr_Change_Password.php?message=$message");
	exit();
}else
if(sha1($password)!= mysql_result($result, 0))  
{  
//echo "You entered an incorrect password";  
$message = "You entered an incorrect password";
	header("Location: sr_Change_Password.php?message=$message");
	exit();
 
}  
 
if(!$newpassword){
 
$message = "You must enter a password";
header("Location: sr_Change_Password.php?message=$message");
}
 
if($newpassword == $confirmnewpassword)  
    $sql=mysql_query("UPDATE users SET user_password='".sha1($newpassword)."' where user_email='$useremail'");  
    if($sql)  
    {  
    //echo "Congratulations You have successfully changed your password";  
	$message = "Congratulations You have successfully changed your password";
	header("Location: sr_Change_Password.php?message=$message");
exit();
    } 
else 
{  
//echo "The new password and confirm new password fields must be the same";
$message = "The new password and confirm new password fields must be the same";
	header("Location: sr_Change_Password.php?message=$message");
exit();
}   
}
 
?>

Open in new window

LVL 1
satmanukAsked:
Who is Participating?
 
CasUKCommented:
Change line 31:

if (mysql_num_rows($result) == 0){

0
 
nplibCommented:
mysql_result($result, 0) this needs another paramter,
mysql_result($result, 0, "user_password");
the mysql_result() function works as follows,

mysql_result(query_results, row_number, field);

row_number begins at 0.
0
 
nplibCommented:
however since you did this,
$row_rstUser = mysql_fetch_assoc($result);

you could replace your mysql_result() function with
$row_rstUser['user_password']

so this
if(sha1($password)!= mysql_result($result, 0, "user_password"))
or
if(sha1($password)!= $row_rstUser['user_password'])

should work
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
satmanukAuthor Commented:
I tried what you said nplib but i still get the same error.

CasUK - Yours worked.

Thanks!
0
 
satmanukAuthor Commented:
thanks
0
 
nplibCommented:
how can if(sha1($password)!= $row_rstUser['user_password']) give the same error when it's not invoking the mysql_results() function?
0
 
satmanukAuthor Commented:
may be not the same error on both of your suggestions but both error'd
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.