L
l
Guest
I want to use my PHP script to change the password of a user.
When I use the script, it says it works, but it doesn't change it in the database. Could you please tell me what is wrong.
///////START OF SCRIPT//////////
<?php
session_start();
include("database.php");
include("login.php");
$username = $_SESSION['username'];
$password = $_POST["curpass"];
$epassword = md5($password);
$eepassword = md5($newpass);
$newpassword = $_POST["newpass"];
$conn = mysql_connect("localhost", "root", "*****") or die(mysql_error());
mysql_select_db('site', $conn) or die(mysql_error());
$query="SELECT password FROM users WHERE username LIKE '%$username%'";
$result= mysql_query($query);
if(!$result) {
echo "An Error has occurred.";
}
if ($row = mysql_fetch_array($result)) {
if ($row["password"] == $epassword) {
echo $row["password"];
echo "<br>";
echo $epassword;
echo "<br>";
echo "Success!";
echo "<br>";
$sql = "UPDATE users SET password = '$eepassword' WHERE username = '$username'";
if($sql) {
echo "Congratulations You have successfully changed your password";
} else {
echo "The new password and confirm new password fields must be the same";
}
}
}
if($newpassword == ""){
echo "You must enter a password";
}
?>
/////////END OF SCRIPT////////////
When I use the script, it says it works, but it doesn't change it in the database. Could you please tell me what is wrong.
///////START OF SCRIPT//////////
<?php
session_start();
include("database.php");
include("login.php");
$username = $_SESSION['username'];
$password = $_POST["curpass"];
$epassword = md5($password);
$eepassword = md5($newpass);
$newpassword = $_POST["newpass"];
$conn = mysql_connect("localhost", "root", "*****") or die(mysql_error());
mysql_select_db('site', $conn) or die(mysql_error());
$query="SELECT password FROM users WHERE username LIKE '%$username%'";
$result= mysql_query($query);
if(!$result) {
echo "An Error has occurred.";
}
if ($row = mysql_fetch_array($result)) {
if ($row["password"] == $epassword) {
echo $row["password"];
echo "<br>";
echo $epassword;
echo "<br>";
echo "Success!";
echo "<br>";
$sql = "UPDATE users SET password = '$eepassword' WHERE username = '$username'";
if($sql) {
echo "Congratulations You have successfully changed your password";
} else {
echo "The new password and confirm new password fields must be the same";
}
}
}
if($newpassword == ""){
echo "You must enter a password";
}
?>
/////////END OF SCRIPT////////////