Solved

Cannot figure out why I am getting an unexpected T-string error message.

Posted on 2010-11-13
16
322 Views
Last Modified: 2013-04-25
I am trying to set up a "Forgot Password" page but getting the error message above.

Below is the portion of my code where this is supposedly occurring - at line 171. Line 171 is the line that says - - - - session_register("session");

  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
   
    <?php
session_start();  // Start Session
session_register("session");
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
0
Comment
Question by:wchirnside
  • 8
  • 8
16 Comments
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
Can you post the whole page code in a code block?  Often, t-string errors actually occur farther up in the code and it is only discovered when the php at the reported error line interacts with that code.
0
 

Author Comment

by:wchirnside
Comment Utility
Don't know exactly what you mean by code block - I know I SHOULD know but anyway, I believe the following is my whole page.

<?php require_once('Connections/TBR.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_TBR, $TBR);
$query_Recordset1 = "SELECT * FROM IDTBR2010";
$Recordset1 = mysql_query($query_Recordset1, $TBR) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['UserName'])) {
  $loginUsername=$_POST['UserName'];
  $password=md5($_POST['Password']);
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "MemberProfileTBR.php";
  $MM_redirectLoginFailed = "IndexIncorrect.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_TBR, $TBR);
  
  $LoginRS__query=sprintf("SELECT UserName, Password FROM idtbr2010 WHERE UserName=%s AND Password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $TBR) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Index</title>
<style type="text/css">
<!--
body {
	background-color: #FFF;
	text-align: center;
}
#wrapper {
	text-align: left;
	width: 900px;
	margin-top: 0px;
	margin-right: auto;
	margin-bottom: 0px;
	margin-left: auto;
}
#description {
	height: 150px;
	background-color: #DEA749;
	width: 894px;
	margin-left: 6px;
}
#header {
	margin-top: 12px;
	margin-bottom: 12px;
}
#footer {
	margin-top: 12px;
	margin-bottom: 12px;
	clear: both;
	padding-left: 6px;
}
#logo {
	height: 81px;
}
#slogan {
	height: 36px;
}
#content {
	height: 504px;
	margin-left: 6px;
}
#nav {
	height: 50px;
	width: 894px;
	background-color: #DEA74B;
	margin-left: 6px;
}
#secondNavBar {
	height: 40px;
	margin-left: 6px;
}
-->
</style>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<script src="SpryAssets/SpryAccordion.js" type="text/javascript"></script>
<script src="SpryAssets/SpryCollapsiblePanel.js" type="text/javascript"></script>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationPassword.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryValidationPassword.css" rel="stylesheet" type="text/css" />
<link href="forms.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="wrapper">
  <div id="header">
    <div id="logo"><img src="Images/TBRlogoHoriz.jpg" width="900" height="81" alt="logo" /></div>
  </div>
  <div id="slogan">
    <p><img src="Images/TBRsloHoriz.jpg" width="900" height="36" alt="slogan" /></p>
</div>
  <div id="description"><img src="Images/Des.jpg" width="274" height="150" alt="Description" /><img src="Images/WhatItIs.jpg" width="185" height="150" alt="WhatItIs?" /><img src="Images/WhyWeNeedIt.jpg" width="225" height="150" alt="WhyWeNeedIt?" /><img src="Images/HowItWorks.jpg" width="210" height="150" alt="HowItWorks?" /></div>
  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
session_start();  // Start Session
session_register("session");
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email_address,"@") OR !stristr($email_address,".")) {
$msg="Your email address is not correct<BR>"; 
$status= "NOTOK";}

echo "<br><br>";
if($status=="OK"){  $query="SELECT email_address,username FROM users WHERE users.email_address = '$email_address'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email_address;// email is stored to a variable
 if ($recs == 0) {  echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='http://www.jackgodfrey.org.uk/register'>Register</a> </center>"; exit;}
function makeRandomPassword() { 
          $salt = "abchefghjkmnpqrstuvwxyz0123456789"; 
          srand((double)microtime()*1000000);  
          $i = 0; 
          while ($i <= 7) { 
                $num = rand() % 33; 
                $tmp = substr($salt, $num, 1); 
                $pass = $pass . $tmp; 
                $i++; 
          } 
          return $pass; 
    } 
    $random_password = makeRandomPassword(); 
    $db_password = md5($random_password); 
     
    $sql = mysql_query("UPDATE users SET password='$db_password'  
                WHERE email_address='$email_address'"); 
     
    $subject = "Your password at www.yoursite.com"; 
    $message = "Hi, we have reset your password. 
     
    New Password: $random_password 
     
    http://www.yoursite.com/login
    Once logged in you can change your password 
     
    Thanks! 
    Site admin 
     
    This is an automated response, please do not reply!"; 
     
    mail($email_address, $subject, $message, "From: yoursite.com Webmaster<admin@jyoursite.com>\n 
        X-Mailer: PHP/" . phpversion()); 
    echo "Your password has been sent! Please check your email!<br />"; 
    echo "<br><br>Click <a href='http://www.yoursite.com/login'>here</a> to login";
 } 
 else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
}
?>

    <p>&nbsp;</p>
<p>&nbsp;</p>
    <p>&nbsp;</p>
  </div>
  <div id="secondNavBar">
    <ul id="MenuBar2" class="MenuBarHorizontal">
      <li><a href="Index.php">Home</a></li>
      <li><A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A></li>
      <li><a href="TBRContactUs.html">Contact Us</a>      </li>
<li><a href="TBRAboutTBR.html">About Us</a>      </li>
      <li><a href="TBRUserAgree.html" class="MenuBarItemSubmenu">User Agreement</a>
        <ul>
          <li><a href="TBRTerms.html">Terms and Conditions</a></li>
<li><a href="TBRPrivacyPol.html">Privacy Policy</a></li>
        </ul>
      </li>
    </ul>
  </div>
</div>
</div>
</div>
  </div>
</div>
  </div>
  <div id="footer"><a href="Index.php">Home</a> | <A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A> | <a href="TBRContactUs.html">Contact Us</a> | <a href="TBRAboutTBR.html">About Us</a><a href="../TBRAboutTBR.html"></a> |<br />
  <a href="TBRUserAgree.html">User Agreement</a> | <a href="TBRTerms.html">Terms and Condiditons</a> | <a href="TBRPrivacyPol.html">Privacy Policy</a> | <a href="Register.php" title="Going to Register Page">Register</a></div>
</div>
<script type="text/javascript">
var MenuBar2 = new Spry.Widget.MenuBar("MenuBar2", {imgDown:"SpryAssets/SpryMenuBarDownHover.gif", imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
var sprypassword1 = new Spry.Widget.ValidationPassword("sprypassword1");
</script>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

Open in new window

0
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
Do you see the button in the comment box that says "Code"? :)  Anyway, good enough.
0
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
Just out of curiousity, why are you even using session_register()?
0
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
Also, you have two calls to session_start().  Lines 43 and 170.  The one at 170 doesn't need to be there (and neither does session_register).  Remove those two lines and test again.
0
 

Author Comment

by:wchirnside
Comment Utility
<?php require_once('Connections/TBR.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_TBR, $TBR);
$query_Recordset1 = "SELECT * FROM IDTBR2010";
$Recordset1 = mysql_query($query_Recordset1, $TBR) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['UserName'])) {
  $loginUsername=$_POST['UserName'];
  $password=md5($_POST['Password']);
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "MemberProfileTBR.php";
  $MM_redirectLoginFailed = "IndexIncorrect.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_TBR, $TBR);
  
  $LoginRS__query=sprintf("SELECT UserName, Password FROM idtbr2010 WHERE UserName=%s AND Password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $TBR) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Index</title>
<style type="text/css">
<!--
body {
	background-color: #FFF;
	text-align: center;
}
#wrapper {
	text-align: left;
	width: 900px;
	margin-top: 0px;
	margin-right: auto;
	margin-bottom: 0px;
	margin-left: auto;
}
#description {
	height: 150px;
	background-color: #DEA749;
	width: 894px;
	margin-left: 6px;
}
#header {
	margin-top: 12px;
	margin-bottom: 12px;
}
#footer {
	margin-top: 12px;
	margin-bottom: 12px;
	clear: both;
	padding-left: 6px;
}
#logo {
	height: 81px;
}
#slogan {
	height: 36px;
}
#content {
	height: 504px;
	margin-left: 6px;
}
#nav {
	height: 50px;
	width: 894px;
	background-color: #DEA74B;
	margin-left: 6px;
}
#secondNavBar {
	height: 40px;
	margin-left: 6px;
}
-->
</style>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<script src="SpryAssets/SpryAccordion.js" type="text/javascript"></script>
<script src="SpryAssets/SpryCollapsiblePanel.js" type="text/javascript"></script>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationPassword.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryValidationPassword.css" rel="stylesheet" type="text/css" />
<link href="forms.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="wrapper">
  <div id="header">
    <div id="logo"><img src="Images/TBRlogoHoriz.jpg" width="900" height="81" alt="logo" /></div>
  </div>
  <div id="slogan">
    <p><img src="Images/TBRsloHoriz.jpg" width="900" height="36" alt="slogan" /></p>
</div>
  <div id="description"><img src="Images/Des.jpg" width="274" height="150" alt="Description" /><img src="Images/WhatItIs.jpg" width="185" height="150" alt="WhatItIs?" /><img src="Images/WhyWeNeedIt.jpg" width="225" height="150" alt="WhyWeNeedIt?" /><img src="Images/HowItWorks.jpg" width="210" height="150" alt="HowItWorks?" /></div>
  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
session_start();  // Start Session
session_register("session");
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email_address,"@") OR !stristr($email_address,".")) {
$msg="Your email address is not correct<BR>"; 
$status= "NOTOK";}

echo "<br><br>";
if($status=="OK"){  $query="SELECT email_address,username FROM users WHERE users.email_address = '$email_address'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email_address;// email is stored to a variable
 if ($recs == 0) {  echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='http://www.jackgodfrey.org.uk/register'>Register</a> </center>"; exit;}
function makeRandomPassword() { 
          $salt = "abchefghjkmnpqrstuvwxyz0123456789"; 
          srand((double)microtime()*1000000);  
          $i = 0; 
          while ($i <= 7) { 
                $num = rand() % 33; 
                $tmp = substr($salt, $num, 1); 
                $pass = $pass . $tmp; 
                $i++; 
          } 
          return $pass; 
    } 
    $random_password = makeRandomPassword(); 
    $db_password = md5($random_password); 
     
    $sql = mysql_query("UPDATE users SET password='$db_password'  
                WHERE email_address='$email_address'"); 
     
    $subject = "Your password at www.yoursite.com"; 
    $message = "Hi, we have reset your password. 
     
    New Password: $random_password 
     
    http://www.yoursite.com/login
    Once logged in you can change your password 
     
    Thanks! 
    Site admin 
     
    This is an automated response, please do not reply!"; 
     
    mail($email_address, $subject, $message, "From: yoursite.com Webmaster<admin@jyoursite.com>\n 
        X-Mailer: PHP/" . phpversion()); 
    echo "Your password has been sent! Please check your email!<br />"; 
    echo "<br><br>Click <a href='http://www.yoursite.com/login'>here</a> to login";
 } 
 else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
}
?>

    <p>&nbsp;</p>
<p>&nbsp;</p>
    <p>&nbsp;</p>
  </div>
  <div id="secondNavBar">
    <ul id="MenuBar2" class="MenuBarHorizontal">
      <li><a href="Index.php">Home</a></li>
      <li><A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A></li>
      <li><a href="TBRContactUs.html">Contact Us</a>      </li>
<li><a href="TBRAboutTBR.html">About Us</a>      </li>
      <li><a href="TBRUserAgree.html" class="MenuBarItemSubmenu">User Agreement</a>
        <ul>
          <li><a href="TBRTerms.html">Terms and Conditions</a></li>
<li><a href="TBRPrivacyPol.html">Privacy Policy</a></li>
        </ul>
      </li>
    </ul>
  </div>
</div>
</div>
</div>
  </div>
</div>
  </div>
  <div id="footer"><a href="Index.php">Home</a> | <A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A> | <a href="TBRContactUs.html">Contact Us</a> | <a href="TBRAboutTBR.html">About Us</a><a href="../TBRAboutTBR.html"></a> |<br />
  <a href="TBRUserAgree.html">User Agreement</a> | <a href="TBRTerms.html">Terms and Condiditons</a> | <a href="TBRPrivacyPol.html">Privacy Policy</a> | <a href="Register.php" title="Going to Register Page">Register</a></div>
</div>
<script type="text/javascript">
var MenuBar2 = new Spry.Widget.MenuBar("MenuBar2", {imgDown:"SpryAssets/SpryMenuBarDownHover.gif", imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
var sprypassword1 = new Spry.Widget.ValidationPassword("sprypassword1");
</script>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

Open in new window

Thanks, Actually didn't see that. Is this better?



WC

Open in new window

0
 

Author Comment

by:wchirnside
Comment Utility
<?php require_once('Connections/TBR.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_TBR, $TBR);
$query_Recordset1 = "SELECT * FROM IDTBR2010";
$Recordset1 = mysql_query($query_Recordset1, $TBR) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['UserName'])) {
  $loginUsername=$_POST['UserName'];
  $password=md5($_POST['Password']);
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "MemberProfileTBR.php";
  $MM_redirectLoginFailed = "IndexIncorrect.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_TBR, $TBR);
  
  $LoginRS__query=sprintf("SELECT UserName, Password FROM idtbr2010 WHERE UserName=%s AND Password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $TBR) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Index</title>
<style type="text/css">
<!--
body {
	background-color: #FFF;
	text-align: center;
}
#wrapper {
	text-align: left;
	width: 900px;
	margin-top: 0px;
	margin-right: auto;
	margin-bottom: 0px;
	margin-left: auto;
}
#description {
	height: 150px;
	background-color: #DEA749;
	width: 894px;
	margin-left: 6px;
}
#header {
	margin-top: 12px;
	margin-bottom: 12px;
}
#footer {
	margin-top: 12px;
	margin-bottom: 12px;
	clear: both;
	padding-left: 6px;
}
#logo {
	height: 81px;
}
#slogan {
	height: 36px;
}
#content {
	height: 504px;
	margin-left: 6px;
}
#nav {
	height: 50px;
	width: 894px;
	background-color: #DEA74B;
	margin-left: 6px;
}
#secondNavBar {
	height: 40px;
	margin-left: 6px;
}
-->
</style>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<script src="SpryAssets/SpryAccordion.js" type="text/javascript"></script>
<script src="SpryAssets/SpryCollapsiblePanel.js" type="text/javascript"></script>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationPassword.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryValidationPassword.css" rel="stylesheet" type="text/css" />
<link href="forms.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="wrapper">
  <div id="header">
    <div id="logo"><img src="Images/TBRlogoHoriz.jpg" width="900" height="81" alt="logo" /></div>
  </div>
  <div id="slogan">
    <p><img src="Images/TBRsloHoriz.jpg" width="900" height="36" alt="slogan" /></p>
</div>
  <div id="description"><img src="Images/Des.jpg" width="274" height="150" alt="Description" /><img src="Images/WhatItIs.jpg" width="185" height="150" alt="WhatItIs?" /><img src="Images/WhyWeNeedIt.jpg" width="225" height="150" alt="WhyWeNeedIt?" /><img src="Images/HowItWorks.jpg" width="210" height="150" alt="HowItWorks?" /></div>
  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
session_start();  // Start Session
session_register("session");
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email_address,"@") OR !stristr($email_address,".")) {
$msg="Your email address is not correct<BR>"; 
$status= "NOTOK";}

echo "<br><br>";
if($status=="OK"){  $query="SELECT email_address,username FROM users WHERE users.email_address = '$email_address'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email_address;// email is stored to a variable
 if ($recs == 0) {  echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='http://www.jackgodfrey.org.uk/register'>Register</a> </center>"; exit;}
function makeRandomPassword() { 
          $salt = "abchefghjkmnpqrstuvwxyz0123456789"; 
          srand((double)microtime()*1000000);  
          $i = 0; 
          while ($i <= 7) { 
                $num = rand() % 33; 
                $tmp = substr($salt, $num, 1); 
                $pass = $pass . $tmp; 
                $i++; 
          } 
          return $pass; 
    } 
    $random_password = makeRandomPassword(); 
    $db_password = md5($random_password); 
     
    $sql = mysql_query("UPDATE users SET password='$db_password'  
                WHERE email_address='$email_address'"); 
     
    $subject = "Your password at www.yoursite.com"; 
    $message = "Hi, we have reset your password. 
     
    New Password: $random_password 
     
    http://www.yoursite.com/login
    Once logged in you can change your password 
     
    Thanks! 
    Site admin 
     
    This is an automated response, please do not reply!"; 
     
    mail($email_address, $subject, $message, "From: yoursite.com Webmaster<admin@jyoursite.com>\n 
        X-Mailer: PHP/" . phpversion()); 
    echo "Your password has been sent! Please check your email!<br />"; 
    echo "<br><br>Click <a href='http://www.yoursite.com/login'>here</a> to login";
 } 
 else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
}
?>

    <p>&nbsp;</p>
<p>&nbsp;</p>
    <p>&nbsp;</p>
  </div>
  <div id="secondNavBar">
    <ul id="MenuBar2" class="MenuBarHorizontal">
      <li><a href="Index.php">Home</a></li>
      <li><A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A></li>
      <li><a href="TBRContactUs.html">Contact Us</a>      </li>
<li><a href="TBRAboutTBR.html">About Us</a>      </li>
      <li><a href="TBRUserAgree.html" class="MenuBarItemSubmenu">User Agreement</a>
        <ul>
          <li><a href="TBRTerms.html">Terms and Conditions</a></li>
<li><a href="TBRPrivacyPol.html">Privacy Policy</a></li>
        </ul>
      </li>
    </ul>
  </div>
</div>
</div>
</div>
  </div>
</div>
  </div>
  <div id="footer"><a href="Index.php">Home</a> | <A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A> | <a href="TBRContactUs.html">Contact Us</a> | <a href="TBRAboutTBR.html">About Us</a><a href="../TBRAboutTBR.html"></a> |<br />
  <a href="TBRUserAgree.html">User Agreement</a> | <a href="TBRTerms.html">Terms and Condiditons</a> | <a href="TBRPrivacyPol.html">Privacy Policy</a> | <a href="Register.php" title="Going to Register Page">Register</a></div>
</div>
<script type="text/javascript">
var MenuBar2 = new Spry.Widget.MenuBar("MenuBar2", {imgDown:"SpryAssets/SpryMenuBarDownHover.gif", imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
var sprypassword1 = new Spry.Widget.ValidationPassword("sprypassword1");
</script>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

Open in new window

Thanks, Actually didn't see that. Is this better?



WC

Open in new window

0
 

Author Comment

by:wchirnside
Comment Utility
Yes, I was wondering about that second session.

Anyway, retested and now get this error -
Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in /Library/WebServer/Documents/TBR/forgotpass.php on line 171

Line 171 is now this line -

$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
Change it like so:

$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class='two' href='javascript:history.go(-1)'>here</a> to go back";
0
 

Author Comment

by:wchirnside
Comment Utility
Thanks, it now says - unexpected T Variable in line 173 which is now this line.

$email_address = $_POST['email_address'];

Following is the area that includes this code. This page is made up of code that I have taken from different pages in my site as well as code that I have saved so perhaps these are fighting with the original page code?

    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class='two' href='javascript:history.go(-1)'>here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php

Open in new window

0
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
>> This page is made up of code that I have taken from different pages in my site as well as code that I
>> have saved so perhaps these are fighting with the original page code?

Probably.  I'll need another dump of the complete page code to try and find the misplaced quote mark...
0
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
Also, which version of PHP are you using?
0
 

Author Comment

by:wchirnside
Comment Utility
I think I am using PHP 5 - definitely not 6.

Following is most of the code from the page.

Thanks

WC

<?php require_once('Connections/TBR.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_TBR, $TBR);
$query_Recordset1 = "SELECT * FROM IDTBR2010";
$Recordset1 = mysql_query($query_Recordset1, $TBR) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['UserName'])) {
  $loginUsername=$_POST['UserName'];
  $password=md5($_POST['Password']);
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "MemberProfileTBR.php";
  $MM_redirectLoginFailed = "IndexIncorrect.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_TBR, $TBR);
  
  $LoginRS__query=sprintf("SELECT UserName, Password FROM idtbr2010 WHERE UserName=%s AND Password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $TBR) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Index</title>
<style type="text/css">
<!--
body {
	background-color: #FFF;
	text-align: center;
}
#wrapper {
	text-align: left;
	width: 900px;
	margin-top: 0px;
	margin-right: auto;
	margin-bottom: 0px;
	margin-left: auto;
}
#description {
	height: 150px;
	background-color: #DEA749;
	width: 894px;
	margin-left: 6px;
}
#header {
	margin-top: 12px;
	margin-bottom: 12px;
}
#footer {
	margin-top: 12px;
	margin-bottom: 12px;
	clear: both;
	padding-left: 6px;
}
#logo {
	height: 81px;
}
#slogan {
	height: 36px;
}
#content {
	height: 504px;
	margin-left: 6px;
}
#nav {
	height: 50px;
	width: 894px;
	background-color: #DEA74B;
	margin-left: 6px;
}
#secondNavBar {
	height: 40px;
	margin-left: 6px;
}
-->
</style>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<script src="SpryAssets/SpryAccordion.js" type="text/javascript"></script>
<script src="SpryAssets/SpryCollapsiblePanel.js" type="text/javascript"></script>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationPassword.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryValidationPassword.css" rel="stylesheet" type="text/css" />
<link href="forms.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="wrapper">
  <div id="header">
    <div id="logo"><img src="Images/TBRlogoHoriz.jpg" width="900" height="81" alt="logo" /></div>
  </div>
  <div id="slogan">
    <p><img src="Images/TBRsloHoriz.jpg" width="900" height="36" alt="slogan" /></p>
</div>
  <div id="description"><img src="Images/Des.jpg" width="274" height="150" alt="Description" /><img src="Images/WhatItIs.jpg" width="185" height="150" alt="WhatItIs?" /><img src="Images/WhyWeNeedIt.jpg" width="225" height="150" alt="WhyWeNeedIt?" /><img src="Images/HowItWorks.jpg" width="210" height="150" alt="HowItWorks?" /></div>
  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class='two' href='javascript:history.go(-1)'>here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email_address,"@") OR !stristr($email_address,".")) {
$msg="Your email address is not correct<BR>"; 
$status= "NOTOK";}

echo "<br><br>";
if($status=="OK"){  $query="SELECT email_address,username FROM users WHERE users.email_address = '$email_address'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email_address;// email is stored to a variable
 if ($recs == 0) {  echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='http://www.jackgodfrey.org.uk/register'>Register</a> </center>"; exit;}
function makeRandomPassword() { 
          $salt = "abchefghjkmnpqrstuvwxyz0123456789"; 
          srand((double)microtime()*1000000);  
          $i = 0; 
          while ($i <= 7) { 
                $num = rand() % 33; 
                $tmp = substr($salt, $num, 1); 
                $pass = $pass . $tmp; 
                $i++; 
          } 
          return $pass; 
    } 
    $random_password = makeRandomPassword(); 
    $db_password = md5($random_password); 
     
    $sql = mysql_query("UPDATE users SET password='$db_password'  
                WHERE email_address='$email_address'"); 
     
    $subject = "Your password at www.yoursite.com"; 
    $message = "Hi, we have reset your password. 
     
    New Password: $random_password 
     
    http://www.yoursite.com/login
    Once logged in you can change your password 
     
    Thanks! 
    Site admin 
     
    This is an automated response, please do not reply!"; 
     
    mail($email_address, $subject, $message, "From: yoursite.com Webmaster<admin@jyoursite.com>\n 
        X-Mailer: PHP/" . phpversion()); 
    echo "Your password has been sent! Please check your email!<br />"; 
    echo "<br><br>Click <a href='http://www.yoursite.com/login'>here</a> to login";
 } 
 else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
}
?>

Open in new window

0
 
LVL 70

Accepted Solution

by:
Jason C. Levine earned 500 total points
Comment Utility
I'm fairly sure the error comes from the other script you downloaded or created.  I also notice that this page is a HTML fragment (the closing body and html tags do not seem to be present) so depending on the state  of the variable $_POST['email_address'] when the page is loaded, you could be generating all sorts of weird errors.

Start over.  Take a blank page and begin re-adding all the code again, testing as you go.
0
 

Author Comment

by:wchirnside
Comment Utility
Okay Thanks. Will take a look at what I have done and attempt this again. Back to you in a couple of days.

WC
0
 

Author Closing Comment

by:wchirnside
Comment Utility
Thanks. Have postponed this for the time being.

WC
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

I still run into .cgi files every now and then. In some instances, I actually prefer the simplicity of a .cgi script to other options. Since I use DreamWeaver extensively, what I needed was a way to open .cgi scripts in Dreamweaver. And I wanted to …
Adobe Dreamweaver CS5 is a WYSIWYG web page editor that has advanced HTML, CSS, and Javascript rendering functionality and is probably the most well-known HTML editor available. Much of Dreamweaver's appeal centers around the Design View interfac…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now