Solved

Cannot figure out why I am getting an unexpected T-string error message.

Posted on 2010-11-13
16
326 Views
Last Modified: 2013-04-25
I am trying to set up a "Forgot Password" page but getting the error message above.

Below is the portion of my code where this is supposedly occurring - at line 171. Line 171 is the line that says - - - - session_register("session");

  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
   
    <?php
session_start();  // Start Session
session_register("session");
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
0
Comment
Question by:wchirnside
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 8
16 Comments
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 34129329
Can you post the whole page code in a code block?  Often, t-string errors actually occur farther up in the code and it is only discovered when the php at the reported error line interacts with that code.
0
 

Author Comment

by:wchirnside
ID: 34129366
Don't know exactly what you mean by code block - I know I SHOULD know but anyway, I believe the following is my whole page.

<?php require_once('Connections/TBR.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_TBR, $TBR);
$query_Recordset1 = "SELECT * FROM IDTBR2010";
$Recordset1 = mysql_query($query_Recordset1, $TBR) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['UserName'])) {
  $loginUsername=$_POST['UserName'];
  $password=md5($_POST['Password']);
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "MemberProfileTBR.php";
  $MM_redirectLoginFailed = "IndexIncorrect.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_TBR, $TBR);
  
  $LoginRS__query=sprintf("SELECT UserName, Password FROM idtbr2010 WHERE UserName=%s AND Password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $TBR) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Index</title>
<style type="text/css">
<!--
body {
	background-color: #FFF;
	text-align: center;
}
#wrapper {
	text-align: left;
	width: 900px;
	margin-top: 0px;
	margin-right: auto;
	margin-bottom: 0px;
	margin-left: auto;
}
#description {
	height: 150px;
	background-color: #DEA749;
	width: 894px;
	margin-left: 6px;
}
#header {
	margin-top: 12px;
	margin-bottom: 12px;
}
#footer {
	margin-top: 12px;
	margin-bottom: 12px;
	clear: both;
	padding-left: 6px;
}
#logo {
	height: 81px;
}
#slogan {
	height: 36px;
}
#content {
	height: 504px;
	margin-left: 6px;
}
#nav {
	height: 50px;
	width: 894px;
	background-color: #DEA74B;
	margin-left: 6px;
}
#secondNavBar {
	height: 40px;
	margin-left: 6px;
}
-->
</style>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<script src="SpryAssets/SpryAccordion.js" type="text/javascript"></script>
<script src="SpryAssets/SpryCollapsiblePanel.js" type="text/javascript"></script>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationPassword.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryValidationPassword.css" rel="stylesheet" type="text/css" />
<link href="forms.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="wrapper">
  <div id="header">
    <div id="logo"><img src="Images/TBRlogoHoriz.jpg" width="900" height="81" alt="logo" /></div>
  </div>
  <div id="slogan">
    <p><img src="Images/TBRsloHoriz.jpg" width="900" height="36" alt="slogan" /></p>
</div>
  <div id="description"><img src="Images/Des.jpg" width="274" height="150" alt="Description" /><img src="Images/WhatItIs.jpg" width="185" height="150" alt="WhatItIs?" /><img src="Images/WhyWeNeedIt.jpg" width="225" height="150" alt="WhyWeNeedIt?" /><img src="Images/HowItWorks.jpg" width="210" height="150" alt="HowItWorks?" /></div>
  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
session_start();  // Start Session
session_register("session");
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email_address,"@") OR !stristr($email_address,".")) {
$msg="Your email address is not correct<BR>"; 
$status= "NOTOK";}

echo "<br><br>";
if($status=="OK"){  $query="SELECT email_address,username FROM users WHERE users.email_address = '$email_address'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email_address;// email is stored to a variable
 if ($recs == 0) {  echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='http://www.jackgodfrey.org.uk/register'>Register</a> </center>"; exit;}
function makeRandomPassword() { 
          $salt = "abchefghjkmnpqrstuvwxyz0123456789"; 
          srand((double)microtime()*1000000);  
          $i = 0; 
          while ($i <= 7) { 
                $num = rand() % 33; 
                $tmp = substr($salt, $num, 1); 
                $pass = $pass . $tmp; 
                $i++; 
          } 
          return $pass; 
    } 
    $random_password = makeRandomPassword(); 
    $db_password = md5($random_password); 
     
    $sql = mysql_query("UPDATE users SET password='$db_password'  
                WHERE email_address='$email_address'"); 
     
    $subject = "Your password at www.yoursite.com"; 
    $message = "Hi, we have reset your password. 
     
    New Password: $random_password 
     
    http://www.yoursite.com/login
    Once logged in you can change your password 
     
    Thanks! 
    Site admin 
     
    This is an automated response, please do not reply!"; 
     
    mail($email_address, $subject, $message, "From: yoursite.com Webmaster<admin@jyoursite.com>\n 
        X-Mailer: PHP/" . phpversion()); 
    echo "Your password has been sent! Please check your email!<br />"; 
    echo "<br><br>Click <a href='http://www.yoursite.com/login'>here</a> to login";
 } 
 else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
}
?>

    <p>&nbsp;</p>
<p>&nbsp;</p>
    <p>&nbsp;</p>
  </div>
  <div id="secondNavBar">
    <ul id="MenuBar2" class="MenuBarHorizontal">
      <li><a href="Index.php">Home</a></li>
      <li><A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A></li>
      <li><a href="TBRContactUs.html">Contact Us</a>      </li>
<li><a href="TBRAboutTBR.html">About Us</a>      </li>
      <li><a href="TBRUserAgree.html" class="MenuBarItemSubmenu">User Agreement</a>
        <ul>
          <li><a href="TBRTerms.html">Terms and Conditions</a></li>
<li><a href="TBRPrivacyPol.html">Privacy Policy</a></li>
        </ul>
      </li>
    </ul>
  </div>
</div>
</div>
</div>
  </div>
</div>
  </div>
  <div id="footer"><a href="Index.php">Home</a> | <A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A> | <a href="TBRContactUs.html">Contact Us</a> | <a href="TBRAboutTBR.html">About Us</a><a href="../TBRAboutTBR.html"></a> |<br />
  <a href="TBRUserAgree.html">User Agreement</a> | <a href="TBRTerms.html">Terms and Condiditons</a> | <a href="TBRPrivacyPol.html">Privacy Policy</a> | <a href="Register.php" title="Going to Register Page">Register</a></div>
</div>
<script type="text/javascript">
var MenuBar2 = new Spry.Widget.MenuBar("MenuBar2", {imgDown:"SpryAssets/SpryMenuBarDownHover.gif", imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
var sprypassword1 = new Spry.Widget.ValidationPassword("sprypassword1");
</script>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

Open in new window

0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 34129372
Do you see the button in the comment box that says "Code"? :)  Anyway, good enough.
0
On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 34129377
Just out of curiousity, why are you even using session_register()?
0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 34129381
Also, you have two calls to session_start().  Lines 43 and 170.  The one at 170 doesn't need to be there (and neither does session_register).  Remove those two lines and test again.
0
 

Author Comment

by:wchirnside
ID: 34129385
<?php require_once('Connections/TBR.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_TBR, $TBR);
$query_Recordset1 = "SELECT * FROM IDTBR2010";
$Recordset1 = mysql_query($query_Recordset1, $TBR) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['UserName'])) {
  $loginUsername=$_POST['UserName'];
  $password=md5($_POST['Password']);
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "MemberProfileTBR.php";
  $MM_redirectLoginFailed = "IndexIncorrect.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_TBR, $TBR);
  
  $LoginRS__query=sprintf("SELECT UserName, Password FROM idtbr2010 WHERE UserName=%s AND Password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $TBR) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Index</title>
<style type="text/css">
<!--
body {
	background-color: #FFF;
	text-align: center;
}
#wrapper {
	text-align: left;
	width: 900px;
	margin-top: 0px;
	margin-right: auto;
	margin-bottom: 0px;
	margin-left: auto;
}
#description {
	height: 150px;
	background-color: #DEA749;
	width: 894px;
	margin-left: 6px;
}
#header {
	margin-top: 12px;
	margin-bottom: 12px;
}
#footer {
	margin-top: 12px;
	margin-bottom: 12px;
	clear: both;
	padding-left: 6px;
}
#logo {
	height: 81px;
}
#slogan {
	height: 36px;
}
#content {
	height: 504px;
	margin-left: 6px;
}
#nav {
	height: 50px;
	width: 894px;
	background-color: #DEA74B;
	margin-left: 6px;
}
#secondNavBar {
	height: 40px;
	margin-left: 6px;
}
-->
</style>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<script src="SpryAssets/SpryAccordion.js" type="text/javascript"></script>
<script src="SpryAssets/SpryCollapsiblePanel.js" type="text/javascript"></script>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationPassword.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryValidationPassword.css" rel="stylesheet" type="text/css" />
<link href="forms.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="wrapper">
  <div id="header">
    <div id="logo"><img src="Images/TBRlogoHoriz.jpg" width="900" height="81" alt="logo" /></div>
  </div>
  <div id="slogan">
    <p><img src="Images/TBRsloHoriz.jpg" width="900" height="36" alt="slogan" /></p>
</div>
  <div id="description"><img src="Images/Des.jpg" width="274" height="150" alt="Description" /><img src="Images/WhatItIs.jpg" width="185" height="150" alt="WhatItIs?" /><img src="Images/WhyWeNeedIt.jpg" width="225" height="150" alt="WhyWeNeedIt?" /><img src="Images/HowItWorks.jpg" width="210" height="150" alt="HowItWorks?" /></div>
  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
session_start();  // Start Session
session_register("session");
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email_address,"@") OR !stristr($email_address,".")) {
$msg="Your email address is not correct<BR>"; 
$status= "NOTOK";}

echo "<br><br>";
if($status=="OK"){  $query="SELECT email_address,username FROM users WHERE users.email_address = '$email_address'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email_address;// email is stored to a variable
 if ($recs == 0) {  echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='http://www.jackgodfrey.org.uk/register'>Register</a> </center>"; exit;}
function makeRandomPassword() { 
          $salt = "abchefghjkmnpqrstuvwxyz0123456789"; 
          srand((double)microtime()*1000000);  
          $i = 0; 
          while ($i <= 7) { 
                $num = rand() % 33; 
                $tmp = substr($salt, $num, 1); 
                $pass = $pass . $tmp; 
                $i++; 
          } 
          return $pass; 
    } 
    $random_password = makeRandomPassword(); 
    $db_password = md5($random_password); 
     
    $sql = mysql_query("UPDATE users SET password='$db_password'  
                WHERE email_address='$email_address'"); 
     
    $subject = "Your password at www.yoursite.com"; 
    $message = "Hi, we have reset your password. 
     
    New Password: $random_password 
     
    http://www.yoursite.com/login
    Once logged in you can change your password 
     
    Thanks! 
    Site admin 
     
    This is an automated response, please do not reply!"; 
     
    mail($email_address, $subject, $message, "From: yoursite.com Webmaster<admin@jyoursite.com>\n 
        X-Mailer: PHP/" . phpversion()); 
    echo "Your password has been sent! Please check your email!<br />"; 
    echo "<br><br>Click <a href='http://www.yoursite.com/login'>here</a> to login";
 } 
 else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
}
?>

    <p>&nbsp;</p>
<p>&nbsp;</p>
    <p>&nbsp;</p>
  </div>
  <div id="secondNavBar">
    <ul id="MenuBar2" class="MenuBarHorizontal">
      <li><a href="Index.php">Home</a></li>
      <li><A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A></li>
      <li><a href="TBRContactUs.html">Contact Us</a>      </li>
<li><a href="TBRAboutTBR.html">About Us</a>      </li>
      <li><a href="TBRUserAgree.html" class="MenuBarItemSubmenu">User Agreement</a>
        <ul>
          <li><a href="TBRTerms.html">Terms and Conditions</a></li>
<li><a href="TBRPrivacyPol.html">Privacy Policy</a></li>
        </ul>
      </li>
    </ul>
  </div>
</div>
</div>
</div>
  </div>
</div>
  </div>
  <div id="footer"><a href="Index.php">Home</a> | <A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A> | <a href="TBRContactUs.html">Contact Us</a> | <a href="TBRAboutTBR.html">About Us</a><a href="../TBRAboutTBR.html"></a> |<br />
  <a href="TBRUserAgree.html">User Agreement</a> | <a href="TBRTerms.html">Terms and Condiditons</a> | <a href="TBRPrivacyPol.html">Privacy Policy</a> | <a href="Register.php" title="Going to Register Page">Register</a></div>
</div>
<script type="text/javascript">
var MenuBar2 = new Spry.Widget.MenuBar("MenuBar2", {imgDown:"SpryAssets/SpryMenuBarDownHover.gif", imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
var sprypassword1 = new Spry.Widget.ValidationPassword("sprypassword1");
</script>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

Open in new window

Thanks, Actually didn't see that. Is this better?

WC

Open in new window

0
 

Author Comment

by:wchirnside
ID: 34129386
<?php require_once('Connections/TBR.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_TBR, $TBR);
$query_Recordset1 = "SELECT * FROM IDTBR2010";
$Recordset1 = mysql_query($query_Recordset1, $TBR) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['UserName'])) {
  $loginUsername=$_POST['UserName'];
  $password=md5($_POST['Password']);
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "MemberProfileTBR.php";
  $MM_redirectLoginFailed = "IndexIncorrect.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_TBR, $TBR);
  
  $LoginRS__query=sprintf("SELECT UserName, Password FROM idtbr2010 WHERE UserName=%s AND Password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $TBR) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Index</title>
<style type="text/css">
<!--
body {
	background-color: #FFF;
	text-align: center;
}
#wrapper {
	text-align: left;
	width: 900px;
	margin-top: 0px;
	margin-right: auto;
	margin-bottom: 0px;
	margin-left: auto;
}
#description {
	height: 150px;
	background-color: #DEA749;
	width: 894px;
	margin-left: 6px;
}
#header {
	margin-top: 12px;
	margin-bottom: 12px;
}
#footer {
	margin-top: 12px;
	margin-bottom: 12px;
	clear: both;
	padding-left: 6px;
}
#logo {
	height: 81px;
}
#slogan {
	height: 36px;
}
#content {
	height: 504px;
	margin-left: 6px;
}
#nav {
	height: 50px;
	width: 894px;
	background-color: #DEA74B;
	margin-left: 6px;
}
#secondNavBar {
	height: 40px;
	margin-left: 6px;
}
-->
</style>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<script src="SpryAssets/SpryAccordion.js" type="text/javascript"></script>
<script src="SpryAssets/SpryCollapsiblePanel.js" type="text/javascript"></script>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationPassword.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryValidationPassword.css" rel="stylesheet" type="text/css" />
<link href="forms.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="wrapper">
  <div id="header">
    <div id="logo"><img src="Images/TBRlogoHoriz.jpg" width="900" height="81" alt="logo" /></div>
  </div>
  <div id="slogan">
    <p><img src="Images/TBRsloHoriz.jpg" width="900" height="36" alt="slogan" /></p>
</div>
  <div id="description"><img src="Images/Des.jpg" width="274" height="150" alt="Description" /><img src="Images/WhatItIs.jpg" width="185" height="150" alt="WhatItIs?" /><img src="Images/WhyWeNeedIt.jpg" width="225" height="150" alt="WhyWeNeedIt?" /><img src="Images/HowItWorks.jpg" width="210" height="150" alt="HowItWorks?" /></div>
  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
session_start();  // Start Session
session_register("session");
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email_address,"@") OR !stristr($email_address,".")) {
$msg="Your email address is not correct<BR>"; 
$status= "NOTOK";}

echo "<br><br>";
if($status=="OK"){  $query="SELECT email_address,username FROM users WHERE users.email_address = '$email_address'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email_address;// email is stored to a variable
 if ($recs == 0) {  echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='http://www.jackgodfrey.org.uk/register'>Register</a> </center>"; exit;}
function makeRandomPassword() { 
          $salt = "abchefghjkmnpqrstuvwxyz0123456789"; 
          srand((double)microtime()*1000000);  
          $i = 0; 
          while ($i <= 7) { 
                $num = rand() % 33; 
                $tmp = substr($salt, $num, 1); 
                $pass = $pass . $tmp; 
                $i++; 
          } 
          return $pass; 
    } 
    $random_password = makeRandomPassword(); 
    $db_password = md5($random_password); 
     
    $sql = mysql_query("UPDATE users SET password='$db_password'  
                WHERE email_address='$email_address'"); 
     
    $subject = "Your password at www.yoursite.com"; 
    $message = "Hi, we have reset your password. 
     
    New Password: $random_password 
     
    http://www.yoursite.com/login
    Once logged in you can change your password 
     
    Thanks! 
    Site admin 
     
    This is an automated response, please do not reply!"; 
     
    mail($email_address, $subject, $message, "From: yoursite.com Webmaster<admin@jyoursite.com>\n 
        X-Mailer: PHP/" . phpversion()); 
    echo "Your password has been sent! Please check your email!<br />"; 
    echo "<br><br>Click <a href='http://www.yoursite.com/login'>here</a> to login";
 } 
 else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
}
?>

    <p>&nbsp;</p>
<p>&nbsp;</p>
    <p>&nbsp;</p>
  </div>
  <div id="secondNavBar">
    <ul id="MenuBar2" class="MenuBarHorizontal">
      <li><a href="Index.php">Home</a></li>
      <li><A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A></li>
      <li><a href="TBRContactUs.html">Contact Us</a>      </li>
<li><a href="TBRAboutTBR.html">About Us</a>      </li>
      <li><a href="TBRUserAgree.html" class="MenuBarItemSubmenu">User Agreement</a>
        <ul>
          <li><a href="TBRTerms.html">Terms and Conditions</a></li>
<li><a href="TBRPrivacyPol.html">Privacy Policy</a></li>
        </ul>
      </li>
    </ul>
  </div>
</div>
</div>
</div>
  </div>
</div>
  </div>
  <div id="footer"><a href="Index.php">Home</a> | <A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A> | <a href="TBRContactUs.html">Contact Us</a> | <a href="TBRAboutTBR.html">About Us</a><a href="../TBRAboutTBR.html"></a> |<br />
  <a href="TBRUserAgree.html">User Agreement</a> | <a href="TBRTerms.html">Terms and Condiditons</a> | <a href="TBRPrivacyPol.html">Privacy Policy</a> | <a href="Register.php" title="Going to Register Page">Register</a></div>
</div>
<script type="text/javascript">
var MenuBar2 = new Spry.Widget.MenuBar("MenuBar2", {imgDown:"SpryAssets/SpryMenuBarDownHover.gif", imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
var sprypassword1 = new Spry.Widget.ValidationPassword("sprypassword1");
</script>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

Open in new window

Thanks, Actually didn't see that. Is this better?

WC

Open in new window

0
 

Author Comment

by:wchirnside
ID: 34129402
Yes, I was wondering about that second session.

Anyway, retested and now get this error -
Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in /Library/WebServer/Documents/TBR/forgotpass.php on line 171

Line 171 is now this line -

$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 34129826
Change it like so:

$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class='two' href='javascript:history.go(-1)'>here</a> to go back";
0
 

Author Comment

by:wchirnside
ID: 34130731
Thanks, it now says - unexpected T Variable in line 173 which is now this line.

$email_address = $_POST['email_address'];

Following is the area that includes this code. This page is made up of code that I have taken from different pages in my site as well as code that I have saved so perhaps these are fighting with the original page code?

    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class='two' href='javascript:history.go(-1)'>here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php

Open in new window

0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 34131591
>> This page is made up of code that I have taken from different pages in my site as well as code that I
>> have saved so perhaps these are fighting with the original page code?

Probably.  I'll need another dump of the complete page code to try and find the misplaced quote mark...
0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 34131859
Also, which version of PHP are you using?
0
 

Author Comment

by:wchirnside
ID: 34132887
I think I am using PHP 5 - definitely not 6.

Following is most of the code from the page.

Thanks

WC

<?php require_once('Connections/TBR.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_TBR, $TBR);
$query_Recordset1 = "SELECT * FROM IDTBR2010";
$Recordset1 = mysql_query($query_Recordset1, $TBR) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['UserName'])) {
  $loginUsername=$_POST['UserName'];
  $password=md5($_POST['Password']);
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "MemberProfileTBR.php";
  $MM_redirectLoginFailed = "IndexIncorrect.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_TBR, $TBR);
  
  $LoginRS__query=sprintf("SELECT UserName, Password FROM idtbr2010 WHERE UserName=%s AND Password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $TBR) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Index</title>
<style type="text/css">
<!--
body {
	background-color: #FFF;
	text-align: center;
}
#wrapper {
	text-align: left;
	width: 900px;
	margin-top: 0px;
	margin-right: auto;
	margin-bottom: 0px;
	margin-left: auto;
}
#description {
	height: 150px;
	background-color: #DEA749;
	width: 894px;
	margin-left: 6px;
}
#header {
	margin-top: 12px;
	margin-bottom: 12px;
}
#footer {
	margin-top: 12px;
	margin-bottom: 12px;
	clear: both;
	padding-left: 6px;
}
#logo {
	height: 81px;
}
#slogan {
	height: 36px;
}
#content {
	height: 504px;
	margin-left: 6px;
}
#nav {
	height: 50px;
	width: 894px;
	background-color: #DEA74B;
	margin-left: 6px;
}
#secondNavBar {
	height: 40px;
	margin-left: 6px;
}
-->
</style>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<script src="SpryAssets/SpryAccordion.js" type="text/javascript"></script>
<script src="SpryAssets/SpryCollapsiblePanel.js" type="text/javascript"></script>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationPassword.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryValidationPassword.css" rel="stylesheet" type="text/css" />
<link href="forms.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="wrapper">
  <div id="header">
    <div id="logo"><img src="Images/TBRlogoHoriz.jpg" width="900" height="81" alt="logo" /></div>
  </div>
  <div id="slogan">
    <p><img src="Images/TBRsloHoriz.jpg" width="900" height="36" alt="slogan" /></p>
</div>
  <div id="description"><img src="Images/Des.jpg" width="274" height="150" alt="Description" /><img src="Images/WhatItIs.jpg" width="185" height="150" alt="WhatItIs?" /><img src="Images/WhyWeNeedIt.jpg" width="225" height="150" alt="WhyWeNeedIt?" /><img src="Images/HowItWorks.jpg" width="210" height="150" alt="HowItWorks?" /></div>
  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class='two' href='javascript:history.go(-1)'>here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email_address,"@") OR !stristr($email_address,".")) {
$msg="Your email address is not correct<BR>"; 
$status= "NOTOK";}

echo "<br><br>";
if($status=="OK"){  $query="SELECT email_address,username FROM users WHERE users.email_address = '$email_address'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email_address;// email is stored to a variable
 if ($recs == 0) {  echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='http://www.jackgodfrey.org.uk/register'>Register</a> </center>"; exit;}
function makeRandomPassword() { 
          $salt = "abchefghjkmnpqrstuvwxyz0123456789"; 
          srand((double)microtime()*1000000);  
          $i = 0; 
          while ($i <= 7) { 
                $num = rand() % 33; 
                $tmp = substr($salt, $num, 1); 
                $pass = $pass . $tmp; 
                $i++; 
          } 
          return $pass; 
    } 
    $random_password = makeRandomPassword(); 
    $db_password = md5($random_password); 
     
    $sql = mysql_query("UPDATE users SET password='$db_password'  
                WHERE email_address='$email_address'"); 
     
    $subject = "Your password at www.yoursite.com"; 
    $message = "Hi, we have reset your password. 
     
    New Password: $random_password 
     
    http://www.yoursite.com/login
    Once logged in you can change your password 
     
    Thanks! 
    Site admin 
     
    This is an automated response, please do not reply!"; 
     
    mail($email_address, $subject, $message, "From: yoursite.com Webmaster<admin@jyoursite.com>\n 
        X-Mailer: PHP/" . phpversion()); 
    echo "Your password has been sent! Please check your email!<br />"; 
    echo "<br><br>Click <a href='http://www.yoursite.com/login'>here</a> to login";
 } 
 else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
}
?>

Open in new window

0
 
LVL 70

Accepted Solution

by:
Jason C. Levine earned 500 total points
ID: 34133274
I'm fairly sure the error comes from the other script you downloaded or created.  I also notice that this page is a HTML fragment (the closing body and html tags do not seem to be present) so depending on the state  of the variable $_POST['email_address'] when the page is loaded, you could be generating all sorts of weird errors.

Start over.  Take a blank page and begin re-adding all the code again, testing as you go.
0
 

Author Comment

by:wchirnside
ID: 34133330
Okay Thanks. Will take a look at what I have done and attempt this again. Back to you in a couple of days.

WC
0
 

Author Closing Comment

by:wchirnside
ID: 34561622
Thanks. Have postponed this for the time being.

WC
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SWF won't scale? 4 533
How Can I Get A Back Button To Work On My Website? 1 133
Website Design 13 136
DW 2017 background color change 5 52
I still run into .cgi files every now and then. In some instances, I actually prefer the simplicity of a .cgi script to other options. Since I use DreamWeaver extensively, what I needed was a way to open .cgi scripts in Dreamweaver. And I wanted to …
This article is very specific and is only intended to help if you are installing Dreamweaver 8 in a Windows 7 environment with Office 2007 installed.   I'm not sure why Microsoft tends to release OS' that should not be released but they do.  Windows…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question