[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Cannot figure out why I am getting an unexpected T-string error message.

Posted on 2010-11-13
16
Medium Priority
?
332 Views
Last Modified: 2013-04-25
I am trying to set up a "Forgot Password" page but getting the error message above.

Below is the portion of my code where this is supposedly occurring - at line 171. Line 171 is the line that says - - - - session_register("session");

  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
   
    <?php
session_start();  // Start Session
session_register("session");
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
0
Comment
Question by:wchirnside
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 8
16 Comments
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 34129329
Can you post the whole page code in a code block?  Often, t-string errors actually occur farther up in the code and it is only discovered when the php at the reported error line interacts with that code.
0
 

Author Comment

by:wchirnside
ID: 34129366
Don't know exactly what you mean by code block - I know I SHOULD know but anyway, I believe the following is my whole page.

<?php require_once('Connections/TBR.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_TBR, $TBR);
$query_Recordset1 = "SELECT * FROM IDTBR2010";
$Recordset1 = mysql_query($query_Recordset1, $TBR) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['UserName'])) {
  $loginUsername=$_POST['UserName'];
  $password=md5($_POST['Password']);
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "MemberProfileTBR.php";
  $MM_redirectLoginFailed = "IndexIncorrect.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_TBR, $TBR);
  
  $LoginRS__query=sprintf("SELECT UserName, Password FROM idtbr2010 WHERE UserName=%s AND Password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $TBR) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Index</title>
<style type="text/css">
<!--
body {
	background-color: #FFF;
	text-align: center;
}
#wrapper {
	text-align: left;
	width: 900px;
	margin-top: 0px;
	margin-right: auto;
	margin-bottom: 0px;
	margin-left: auto;
}
#description {
	height: 150px;
	background-color: #DEA749;
	width: 894px;
	margin-left: 6px;
}
#header {
	margin-top: 12px;
	margin-bottom: 12px;
}
#footer {
	margin-top: 12px;
	margin-bottom: 12px;
	clear: both;
	padding-left: 6px;
}
#logo {
	height: 81px;
}
#slogan {
	height: 36px;
}
#content {
	height: 504px;
	margin-left: 6px;
}
#nav {
	height: 50px;
	width: 894px;
	background-color: #DEA74B;
	margin-left: 6px;
}
#secondNavBar {
	height: 40px;
	margin-left: 6px;
}
-->
</style>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<script src="SpryAssets/SpryAccordion.js" type="text/javascript"></script>
<script src="SpryAssets/SpryCollapsiblePanel.js" type="text/javascript"></script>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationPassword.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryValidationPassword.css" rel="stylesheet" type="text/css" />
<link href="forms.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="wrapper">
  <div id="header">
    <div id="logo"><img src="Images/TBRlogoHoriz.jpg" width="900" height="81" alt="logo" /></div>
  </div>
  <div id="slogan">
    <p><img src="Images/TBRsloHoriz.jpg" width="900" height="36" alt="slogan" /></p>
</div>
  <div id="description"><img src="Images/Des.jpg" width="274" height="150" alt="Description" /><img src="Images/WhatItIs.jpg" width="185" height="150" alt="WhatItIs?" /><img src="Images/WhyWeNeedIt.jpg" width="225" height="150" alt="WhyWeNeedIt?" /><img src="Images/HowItWorks.jpg" width="210" height="150" alt="HowItWorks?" /></div>
  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
session_start();  // Start Session
session_register("session");
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email_address,"@") OR !stristr($email_address,".")) {
$msg="Your email address is not correct<BR>"; 
$status= "NOTOK";}

echo "<br><br>";
if($status=="OK"){  $query="SELECT email_address,username FROM users WHERE users.email_address = '$email_address'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email_address;// email is stored to a variable
 if ($recs == 0) {  echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='http://www.jackgodfrey.org.uk/register'>Register</a> </center>"; exit;}
function makeRandomPassword() { 
          $salt = "abchefghjkmnpqrstuvwxyz0123456789"; 
          srand((double)microtime()*1000000);  
          $i = 0; 
          while ($i <= 7) { 
                $num = rand() % 33; 
                $tmp = substr($salt, $num, 1); 
                $pass = $pass . $tmp; 
                $i++; 
          } 
          return $pass; 
    } 
    $random_password = makeRandomPassword(); 
    $db_password = md5($random_password); 
     
    $sql = mysql_query("UPDATE users SET password='$db_password'  
                WHERE email_address='$email_address'"); 
     
    $subject = "Your password at www.yoursite.com"; 
    $message = "Hi, we have reset your password. 
     
    New Password: $random_password 
     
    http://www.yoursite.com/login
    Once logged in you can change your password 
     
    Thanks! 
    Site admin 
     
    This is an automated response, please do not reply!"; 
     
    mail($email_address, $subject, $message, "From: yoursite.com Webmaster<admin@jyoursite.com>\n 
        X-Mailer: PHP/" . phpversion()); 
    echo "Your password has been sent! Please check your email!<br />"; 
    echo "<br><br>Click <a href='http://www.yoursite.com/login'>here</a> to login";
 } 
 else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
}
?>

    <p>&nbsp;</p>
<p>&nbsp;</p>
    <p>&nbsp;</p>
  </div>
  <div id="secondNavBar">
    <ul id="MenuBar2" class="MenuBarHorizontal">
      <li><a href="Index.php">Home</a></li>
      <li><A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A></li>
      <li><a href="TBRContactUs.html">Contact Us</a>      </li>
<li><a href="TBRAboutTBR.html">About Us</a>      </li>
      <li><a href="TBRUserAgree.html" class="MenuBarItemSubmenu">User Agreement</a>
        <ul>
          <li><a href="TBRTerms.html">Terms and Conditions</a></li>
<li><a href="TBRPrivacyPol.html">Privacy Policy</a></li>
        </ul>
      </li>
    </ul>
  </div>
</div>
</div>
</div>
  </div>
</div>
  </div>
  <div id="footer"><a href="Index.php">Home</a> | <A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A> | <a href="TBRContactUs.html">Contact Us</a> | <a href="TBRAboutTBR.html">About Us</a><a href="../TBRAboutTBR.html"></a> |<br />
  <a href="TBRUserAgree.html">User Agreement</a> | <a href="TBRTerms.html">Terms and Condiditons</a> | <a href="TBRPrivacyPol.html">Privacy Policy</a> | <a href="Register.php" title="Going to Register Page">Register</a></div>
</div>
<script type="text/javascript">
var MenuBar2 = new Spry.Widget.MenuBar("MenuBar2", {imgDown:"SpryAssets/SpryMenuBarDownHover.gif", imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
var sprypassword1 = new Spry.Widget.ValidationPassword("sprypassword1");
</script>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

Open in new window

0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 34129372
Do you see the button in the comment box that says "Code"? :)  Anyway, good enough.
0
What’s Wrong with Your Cloud Strategy ?

Even as many CIOs are embracing a cloud-first strategy, the reality is that moving to the cloud is a lengthy process and the end-state is likely to be a blend of multiple clouds—public and private. Learn why multicloud solutions matter in this webinar by Nimble Storage.

 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 34129377
Just out of curiousity, why are you even using session_register()?
0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 34129381
Also, you have two calls to session_start().  Lines 43 and 170.  The one at 170 doesn't need to be there (and neither does session_register).  Remove those two lines and test again.
0
 

Author Comment

by:wchirnside
ID: 34129385
<?php require_once('Connections/TBR.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_TBR, $TBR);
$query_Recordset1 = "SELECT * FROM IDTBR2010";
$Recordset1 = mysql_query($query_Recordset1, $TBR) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['UserName'])) {
  $loginUsername=$_POST['UserName'];
  $password=md5($_POST['Password']);
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "MemberProfileTBR.php";
  $MM_redirectLoginFailed = "IndexIncorrect.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_TBR, $TBR);
  
  $LoginRS__query=sprintf("SELECT UserName, Password FROM idtbr2010 WHERE UserName=%s AND Password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $TBR) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Index</title>
<style type="text/css">
<!--
body {
	background-color: #FFF;
	text-align: center;
}
#wrapper {
	text-align: left;
	width: 900px;
	margin-top: 0px;
	margin-right: auto;
	margin-bottom: 0px;
	margin-left: auto;
}
#description {
	height: 150px;
	background-color: #DEA749;
	width: 894px;
	margin-left: 6px;
}
#header {
	margin-top: 12px;
	margin-bottom: 12px;
}
#footer {
	margin-top: 12px;
	margin-bottom: 12px;
	clear: both;
	padding-left: 6px;
}
#logo {
	height: 81px;
}
#slogan {
	height: 36px;
}
#content {
	height: 504px;
	margin-left: 6px;
}
#nav {
	height: 50px;
	width: 894px;
	background-color: #DEA74B;
	margin-left: 6px;
}
#secondNavBar {
	height: 40px;
	margin-left: 6px;
}
-->
</style>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<script src="SpryAssets/SpryAccordion.js" type="text/javascript"></script>
<script src="SpryAssets/SpryCollapsiblePanel.js" type="text/javascript"></script>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationPassword.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryValidationPassword.css" rel="stylesheet" type="text/css" />
<link href="forms.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="wrapper">
  <div id="header">
    <div id="logo"><img src="Images/TBRlogoHoriz.jpg" width="900" height="81" alt="logo" /></div>
  </div>
  <div id="slogan">
    <p><img src="Images/TBRsloHoriz.jpg" width="900" height="36" alt="slogan" /></p>
</div>
  <div id="description"><img src="Images/Des.jpg" width="274" height="150" alt="Description" /><img src="Images/WhatItIs.jpg" width="185" height="150" alt="WhatItIs?" /><img src="Images/WhyWeNeedIt.jpg" width="225" height="150" alt="WhyWeNeedIt?" /><img src="Images/HowItWorks.jpg" width="210" height="150" alt="HowItWorks?" /></div>
  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
session_start();  // Start Session
session_register("session");
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email_address,"@") OR !stristr($email_address,".")) {
$msg="Your email address is not correct<BR>"; 
$status= "NOTOK";}

echo "<br><br>";
if($status=="OK"){  $query="SELECT email_address,username FROM users WHERE users.email_address = '$email_address'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email_address;// email is stored to a variable
 if ($recs == 0) {  echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='http://www.jackgodfrey.org.uk/register'>Register</a> </center>"; exit;}
function makeRandomPassword() { 
          $salt = "abchefghjkmnpqrstuvwxyz0123456789"; 
          srand((double)microtime()*1000000);  
          $i = 0; 
          while ($i <= 7) { 
                $num = rand() % 33; 
                $tmp = substr($salt, $num, 1); 
                $pass = $pass . $tmp; 
                $i++; 
          } 
          return $pass; 
    } 
    $random_password = makeRandomPassword(); 
    $db_password = md5($random_password); 
     
    $sql = mysql_query("UPDATE users SET password='$db_password'  
                WHERE email_address='$email_address'"); 
     
    $subject = "Your password at www.yoursite.com"; 
    $message = "Hi, we have reset your password. 
     
    New Password: $random_password 
     
    http://www.yoursite.com/login
    Once logged in you can change your password 
     
    Thanks! 
    Site admin 
     
    This is an automated response, please do not reply!"; 
     
    mail($email_address, $subject, $message, "From: yoursite.com Webmaster<admin@jyoursite.com>\n 
        X-Mailer: PHP/" . phpversion()); 
    echo "Your password has been sent! Please check your email!<br />"; 
    echo "<br><br>Click <a href='http://www.yoursite.com/login'>here</a> to login";
 } 
 else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
}
?>

    <p>&nbsp;</p>
<p>&nbsp;</p>
    <p>&nbsp;</p>
  </div>
  <div id="secondNavBar">
    <ul id="MenuBar2" class="MenuBarHorizontal">
      <li><a href="Index.php">Home</a></li>
      <li><A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A></li>
      <li><a href="TBRContactUs.html">Contact Us</a>      </li>
<li><a href="TBRAboutTBR.html">About Us</a>      </li>
      <li><a href="TBRUserAgree.html" class="MenuBarItemSubmenu">User Agreement</a>
        <ul>
          <li><a href="TBRTerms.html">Terms and Conditions</a></li>
<li><a href="TBRPrivacyPol.html">Privacy Policy</a></li>
        </ul>
      </li>
    </ul>
  </div>
</div>
</div>
</div>
  </div>
</div>
  </div>
  <div id="footer"><a href="Index.php">Home</a> | <A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A> | <a href="TBRContactUs.html">Contact Us</a> | <a href="TBRAboutTBR.html">About Us</a><a href="../TBRAboutTBR.html"></a> |<br />
  <a href="TBRUserAgree.html">User Agreement</a> | <a href="TBRTerms.html">Terms and Condiditons</a> | <a href="TBRPrivacyPol.html">Privacy Policy</a> | <a href="Register.php" title="Going to Register Page">Register</a></div>
</div>
<script type="text/javascript">
var MenuBar2 = new Spry.Widget.MenuBar("MenuBar2", {imgDown:"SpryAssets/SpryMenuBarDownHover.gif", imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
var sprypassword1 = new Spry.Widget.ValidationPassword("sprypassword1");
</script>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

Open in new window

Thanks, Actually didn't see that. Is this better?

WC

Open in new window

0
 

Author Comment

by:wchirnside
ID: 34129386
<?php require_once('Connections/TBR.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_TBR, $TBR);
$query_Recordset1 = "SELECT * FROM IDTBR2010";
$Recordset1 = mysql_query($query_Recordset1, $TBR) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['UserName'])) {
  $loginUsername=$_POST['UserName'];
  $password=md5($_POST['Password']);
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "MemberProfileTBR.php";
  $MM_redirectLoginFailed = "IndexIncorrect.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_TBR, $TBR);
  
  $LoginRS__query=sprintf("SELECT UserName, Password FROM idtbr2010 WHERE UserName=%s AND Password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $TBR) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Index</title>
<style type="text/css">
<!--
body {
	background-color: #FFF;
	text-align: center;
}
#wrapper {
	text-align: left;
	width: 900px;
	margin-top: 0px;
	margin-right: auto;
	margin-bottom: 0px;
	margin-left: auto;
}
#description {
	height: 150px;
	background-color: #DEA749;
	width: 894px;
	margin-left: 6px;
}
#header {
	margin-top: 12px;
	margin-bottom: 12px;
}
#footer {
	margin-top: 12px;
	margin-bottom: 12px;
	clear: both;
	padding-left: 6px;
}
#logo {
	height: 81px;
}
#slogan {
	height: 36px;
}
#content {
	height: 504px;
	margin-left: 6px;
}
#nav {
	height: 50px;
	width: 894px;
	background-color: #DEA74B;
	margin-left: 6px;
}
#secondNavBar {
	height: 40px;
	margin-left: 6px;
}
-->
</style>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<script src="SpryAssets/SpryAccordion.js" type="text/javascript"></script>
<script src="SpryAssets/SpryCollapsiblePanel.js" type="text/javascript"></script>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationPassword.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryValidationPassword.css" rel="stylesheet" type="text/css" />
<link href="forms.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="wrapper">
  <div id="header">
    <div id="logo"><img src="Images/TBRlogoHoriz.jpg" width="900" height="81" alt="logo" /></div>
  </div>
  <div id="slogan">
    <p><img src="Images/TBRsloHoriz.jpg" width="900" height="36" alt="slogan" /></p>
</div>
  <div id="description"><img src="Images/Des.jpg" width="274" height="150" alt="Description" /><img src="Images/WhatItIs.jpg" width="185" height="150" alt="WhatItIs?" /><img src="Images/WhyWeNeedIt.jpg" width="225" height="150" alt="WhyWeNeedIt?" /><img src="Images/HowItWorks.jpg" width="210" height="150" alt="HowItWorks?" /></div>
  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
session_start();  // Start Session
session_register("session");
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email_address,"@") OR !stristr($email_address,".")) {
$msg="Your email address is not correct<BR>"; 
$status= "NOTOK";}

echo "<br><br>";
if($status=="OK"){  $query="SELECT email_address,username FROM users WHERE users.email_address = '$email_address'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email_address;// email is stored to a variable
 if ($recs == 0) {  echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='http://www.jackgodfrey.org.uk/register'>Register</a> </center>"; exit;}
function makeRandomPassword() { 
          $salt = "abchefghjkmnpqrstuvwxyz0123456789"; 
          srand((double)microtime()*1000000);  
          $i = 0; 
          while ($i <= 7) { 
                $num = rand() % 33; 
                $tmp = substr($salt, $num, 1); 
                $pass = $pass . $tmp; 
                $i++; 
          } 
          return $pass; 
    } 
    $random_password = makeRandomPassword(); 
    $db_password = md5($random_password); 
     
    $sql = mysql_query("UPDATE users SET password='$db_password'  
                WHERE email_address='$email_address'"); 
     
    $subject = "Your password at www.yoursite.com"; 
    $message = "Hi, we have reset your password. 
     
    New Password: $random_password 
     
    http://www.yoursite.com/login
    Once logged in you can change your password 
     
    Thanks! 
    Site admin 
     
    This is an automated response, please do not reply!"; 
     
    mail($email_address, $subject, $message, "From: yoursite.com Webmaster<admin@jyoursite.com>\n 
        X-Mailer: PHP/" . phpversion()); 
    echo "Your password has been sent! Please check your email!<br />"; 
    echo "<br><br>Click <a href='http://www.yoursite.com/login'>here</a> to login";
 } 
 else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
}
?>

    <p>&nbsp;</p>
<p>&nbsp;</p>
    <p>&nbsp;</p>
  </div>
  <div id="secondNavBar">
    <ul id="MenuBar2" class="MenuBarHorizontal">
      <li><a href="Index.php">Home</a></li>
      <li><A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A></li>
      <li><a href="TBRContactUs.html">Contact Us</a>      </li>
<li><a href="TBRAboutTBR.html">About Us</a>      </li>
      <li><a href="TBRUserAgree.html" class="MenuBarItemSubmenu">User Agreement</a>
        <ul>
          <li><a href="TBRTerms.html">Terms and Conditions</a></li>
<li><a href="TBRPrivacyPol.html">Privacy Policy</a></li>
        </ul>
      </li>
    </ul>
  </div>
</div>
</div>
</div>
  </div>
</div>
  </div>
  <div id="footer"><a href="Index.php">Home</a> | <A HREF="mailto:?subject=Useful Web Site!&body=http://www.TiredOfBeingRippedOff.ca">Email A Friend&nbsp;</A> | <a href="TBRContactUs.html">Contact Us</a> | <a href="TBRAboutTBR.html">About Us</a><a href="../TBRAboutTBR.html"></a> |<br />
  <a href="TBRUserAgree.html">User Agreement</a> | <a href="TBRTerms.html">Terms and Condiditons</a> | <a href="TBRPrivacyPol.html">Privacy Policy</a> | <a href="Register.php" title="Going to Register Page">Register</a></div>
</div>
<script type="text/javascript">
var MenuBar2 = new Spry.Widget.MenuBar("MenuBar2", {imgDown:"SpryAssets/SpryMenuBarDownHover.gif", imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
var sprypassword1 = new Spry.Widget.ValidationPassword("sprypassword1");
</script>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

Open in new window

Thanks, Actually didn't see that. Is this better?

WC

Open in new window

0
 

Author Comment

by:wchirnside
ID: 34129402
Yes, I was wondering about that second session.

Anyway, retested and now get this error -
Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in /Library/WebServer/Documents/TBR/forgotpass.php on line 171

Line 171 is now this line -

$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 34129826
Change it like so:

$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class='two' href='javascript:history.go(-1)'>here</a> to go back";
0
 

Author Comment

by:wchirnside
ID: 34130731
Thanks, it now says - unexpected T Variable in line 173 which is now this line.

$email_address = $_POST['email_address'];

Following is the area that includes this code. This page is made up of code that I have taken from different pages in my site as well as code that I have saved so perhaps these are fighting with the original page code?

    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class='two' href='javascript:history.go(-1)'>here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php

Open in new window

0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 34131591
>> This page is made up of code that I have taken from different pages in my site as well as code that I
>> have saved so perhaps these are fighting with the original page code?

Probably.  I'll need another dump of the complete page code to try and find the misplaced quote mark...
0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 34131859
Also, which version of PHP are you using?
0
 

Author Comment

by:wchirnside
ID: 34132887
I think I am using PHP 5 - definitely not 6.

Following is most of the code from the page.

Thanks

WC

<?php require_once('Connections/TBR.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_TBR, $TBR);
$query_Recordset1 = "SELECT * FROM IDTBR2010";
$Recordset1 = mysql_query($query_Recordset1, $TBR) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['UserName'])) {
  $loginUsername=$_POST['UserName'];
  $password=md5($_POST['Password']);
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "MemberProfileTBR.php";
  $MM_redirectLoginFailed = "IndexIncorrect.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_TBR, $TBR);
  
  $LoginRS__query=sprintf("SELECT UserName, Password FROM idtbr2010 WHERE UserName=%s AND Password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $TBR) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Index</title>
<style type="text/css">
<!--
body {
	background-color: #FFF;
	text-align: center;
}
#wrapper {
	text-align: left;
	width: 900px;
	margin-top: 0px;
	margin-right: auto;
	margin-bottom: 0px;
	margin-left: auto;
}
#description {
	height: 150px;
	background-color: #DEA749;
	width: 894px;
	margin-left: 6px;
}
#header {
	margin-top: 12px;
	margin-bottom: 12px;
}
#footer {
	margin-top: 12px;
	margin-bottom: 12px;
	clear: both;
	padding-left: 6px;
}
#logo {
	height: 81px;
}
#slogan {
	height: 36px;
}
#content {
	height: 504px;
	margin-left: 6px;
}
#nav {
	height: 50px;
	width: 894px;
	background-color: #DEA74B;
	margin-left: 6px;
}
#secondNavBar {
	height: 40px;
	margin-left: 6px;
}
-->
</style>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<script src="SpryAssets/SpryAccordion.js" type="text/javascript"></script>
<script src="SpryAssets/SpryCollapsiblePanel.js" type="text/javascript"></script>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationPassword.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryValidationPassword.css" rel="stylesheet" type="text/css" />
<link href="forms.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="wrapper">
  <div id="header">
    <div id="logo"><img src="Images/TBRlogoHoriz.jpg" width="900" height="81" alt="logo" /></div>
  </div>
  <div id="slogan">
    <p><img src="Images/TBRsloHoriz.jpg" width="900" height="36" alt="slogan" /></p>
</div>
  <div id="description"><img src="Images/Des.jpg" width="274" height="150" alt="Description" /><img src="Images/WhatItIs.jpg" width="185" height="150" alt="WhatItIs?" /><img src="Images/WhyWeNeedIt.jpg" width="225" height="150" alt="WhyWeNeedIt?" /><img src="Images/HowItWorks.jpg" width="210" height="150" alt="HowItWorks?" /></div>
  <div id="nav">
    <table width="700" border="0" align="right" cellpadding="3" cellspacing="0">
      <tr>
    <th width="525" align="right" scope="col"><label><a href="Register.php" onmouseout="MM_swapImgRestore()">Click The Register Button Or This Link To Join </a></label></th>
    <th width="175" align="right" scope="col"><a href="Register.php" onmouseout="MM_swapImgRestore()"><img src="Images/TBRRegister.jpg" alt="Going to Register Page" name="Register" width="126" height="27" border="0" align="left" id="Register" onclick="MM_swapImage('Register','','Images/TBRRegisterCL.jpg',0)" onmouseout="MM_swapImgRestore()" /></a></th>
  </tr>
</table></div>
  <div id="content">
    
    <?php
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class='two' href='javascript:history.go(-1)'>here</a> to go back";
// Convert to simple variables  
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
?>
<h2>Recover a forgotten password!</h2>
  <form id="ForgotPass" name="ForgotPass" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <label>Please Enter Your Email Address
      <input type="text" name="EmailAddress" id="EmailAddress" size="40"/>
        <label>
          <input type="submit" name="Submit" id="Submit" value="Submit" />
        </label>
  </form>
  <?php
}
elseif (empty($email_address)) {
    echo $empty_fields_message;
}
else {
$email_address=mysql_real_escape_string($email_address);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email_address,"@") OR !stristr($email_address,".")) {
$msg="Your email address is not correct<BR>"; 
$status= "NOTOK";}

echo "<br><br>";
if($status=="OK"){  $query="SELECT email_address,username FROM users WHERE users.email_address = '$email_address'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email_address;// email is stored to a variable
 if ($recs == 0) {  echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='http://www.jackgodfrey.org.uk/register'>Register</a> </center>"; exit;}
function makeRandomPassword() { 
          $salt = "abchefghjkmnpqrstuvwxyz0123456789"; 
          srand((double)microtime()*1000000);  
          $i = 0; 
          while ($i <= 7) { 
                $num = rand() % 33; 
                $tmp = substr($salt, $num, 1); 
                $pass = $pass . $tmp; 
                $i++; 
          } 
          return $pass; 
    } 
    $random_password = makeRandomPassword(); 
    $db_password = md5($random_password); 
     
    $sql = mysql_query("UPDATE users SET password='$db_password'  
                WHERE email_address='$email_address'"); 
     
    $subject = "Your password at www.yoursite.com"; 
    $message = "Hi, we have reset your password. 
     
    New Password: $random_password 
     
    http://www.yoursite.com/login
    Once logged in you can change your password 
     
    Thanks! 
    Site admin 
     
    This is an automated response, please do not reply!"; 
     
    mail($email_address, $subject, $message, "From: yoursite.com Webmaster<admin@jyoursite.com>\n 
        X-Mailer: PHP/" . phpversion()); 
    echo "Your password has been sent! Please check your email!<br />"; 
    echo "<br><br>Click <a href='http://www.yoursite.com/login'>here</a> to login";
 } 
 else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
}
?>

Open in new window

0
 
LVL 70

Accepted Solution

by:
Jason C. Levine earned 2000 total points
ID: 34133274
I'm fairly sure the error comes from the other script you downloaded or created.  I also notice that this page is a HTML fragment (the closing body and html tags do not seem to be present) so depending on the state  of the variable $_POST['email_address'] when the page is loaded, you could be generating all sorts of weird errors.

Start over.  Take a blank page and begin re-adding all the code again, testing as you go.
0
 

Author Comment

by:wchirnside
ID: 34133330
Okay Thanks. Will take a look at what I have done and attempt this again. Back to you in a couple of days.

WC
0
 

Author Closing Comment

by:wchirnside
ID: 34561622
Thanks. Have postponed this for the time being.

WC
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For those who don't know, Adobe Dreamweaver is a popular commercial web editor that enables you to design, build and manage complex websites. The editor is a WYSIWYG (What You See Is What You Get) web editor, which means that you can create your web…
I still run into .cgi files every now and then. In some instances, I actually prefer the simplicity of a .cgi script to other options. Since I use DreamWeaver extensively, what I needed was a way to open .cgi scripts in Dreamweaver. And I wanted to …
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question