I'm currently trying to create a registration form for my website (this has worked in the past)
and I keep getting a registration fail, no errors are appearing - has anyone got any ideas why?
I used to have a recaptcha function within it but I don't see that being the issue.
I've tried to fix this for days.
PHP:
if (isset($_POST['register'])) {
if (!empty($username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING)) AND !empty($email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL)) AND !empty($password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING)) AND !empty($password2 = filter_input(INPUT_POST, 'password2', FILTER_SANITIZE_STRING))) {
$password = EncryptPasswords($password);
$password2 = EncryptPasswords($password2);
$qry = $con->prepare("SELECT * FROM `users` WHERE `username`=:username");
$qry->execute(["username"=>$username]);
if ($qry->rowCount() == 0) {
$qry = $con->prepare("SELECT * FROM `users` WHERE `email`=:email");
$qry->execute(["email"=>$email]);
if ($qry->rowCount() == 0) {
if ($password == $password2) {
$random = substr(str_shuffle(str_repeat("0123456789abcdefghijklmnopqrstuvwxyz", 86)), 0, 86);
$RANDOMqry = $con->prepare("SELECT * FROM `users` WHERE `access_token`=:id");
$RANDOMqry->execute(["id"=>$random]);
while ($RANDOMqry->rowCount() > 0) {
$random = substr(str_shuffle(str_repeat("0123456789abcdefghijklmnopqrstuvwxyz", 86)), 0, 86);
$RANDOMqry = $con->prepare("SELECT * FROM `users` WHERE `access_token`=:id");
$RANDOMqry->execute(["id"=>$random]);
}
$REGqry = $con->prepare("INSERT INTO `users` (`username`, `email`, `email_ver`, `password`, `access_token`, `registered`, `rank`)
VALUES
(:user, :email, :veri, :password, :access, :times, :ranks)");
$REGexct = $REGqry->execute(["user"=>$username, "email"=>$email, "veri"=>"no", "password"=>$password, "access"=>$random, "times"=>$timestamp, "ranks"=>"2"]);
if ($REGexct) {
$qry = $con->prepare("SELECT * FROM `users` WHERE `username`=:username");
$qry->execute(["username"=>$username]);
$row = $qry->fetch();
setcookie('accesstoken',$row->access_token,time()+(86400 * 14),'/');
setcookie('_uc_id',$row->id,time()+(86400 * 14),'/');
setcookie('_uc_pw',$row->password,time()+(86400 * 14),'/');
$_SESSION['cerror'] = '<div class="alert alert-success">Your account has been registered, please enter the following information correctly or leave it for a further date.</div>';
header('Location: /members/register-details');
exit();
} else {
$_SESSION['cerror'] = '<div class="alert alert-danger"><strong>Error: </strong>Registration Failed.</div>';
header('Location: '.$cwd);
exit();
}
} else {
$_SESSION['cerror'] = '<div class="alert alert-danger"><strong>Error: </strong>Passwords do not match.</div>';
header('Location: '.$cwd);
exit();
}
} else {
$_SESSION['cerror'] = '<div class="alert alert-danger"><strong>Error: </strong>That email is already in use, you\'ll need to pick another.</div>';
header('Location: '.$cwd);
exit();
}
} else {
$_SESSION['cerror'] = '<div class="alert alert-danger"><strong>Error: </strong>That username already exists, you\'ll need to pick another.</div>';
header('Location: '.$cwd);
exit();
}
} else {
$_SESSION['cerror'] = '<div class="alert alert-danger"><strong>Error: </strong>You must fill in all of the details to log in.</div>';
header('Location: '.$cwd);
exit();
}
}
HTML:
<form action method="post">
<div class="form-group">
<input name="username" type="text" class="form-control input-lg" placeholder="Choose a username" autocomplete="off" autofocus />
</div>
<div class="form-group">
<input name="email" type="email" class="form-control input-lg" placeholder="Enter your email address" autocomplete="off" />
</div>
<div class="form-group">
<input name="password" type="password" class="form-control input-lg" placeholder="Choose a password" autocomplete="off" />
</div>
<div class="form-group">
<input name="password2" type="password" class="form-control input-lg" placeholder="Confirm your password" autocomplete="off" />
</div>
<div class="form-group">
<div class="g-recaptcha" data-sitekey="6LdJYZAUAAAAALere0Qs9ns7S4nMUajPKsHWXGOr"></div>
</div>
<div class="form-group">
<button name="register" type="submit" class="button button-login pull-right"><i class="fas fa-plus-square"></i> Register</button>
</div>
</form>
Related
This is my custom user registration form WordPress site, actually, this is my first custom development, and here all the data passes the DB my problem is I need to show my error message inside the HTML code. how can I do it? can anyone help me to solve this problem? now my error messages show like this (Array ( [username_empty] => Needed Username [email_valid] => Email has no valid value [texnumber_empty] => Needed Tax Number )) but I need only show error message only Ex: this one ( [username_empty] => Needed Username) I need to show "Needed Username"
Like this.
if (is_user_logged_in()) {
// echo '<script>alert("Welcome, registered user!")</script>';
echo '<script type="text/javascript">';
echo 'alert("Welcome, registered user!");';
echo 'window.location.href = "Url";';
echo '</script>';
} else {
// echo 'Welcome, visitor!';
global $wpdb;
if ($_POST) {
$username = $wpdb->escape($_POST['user_login']);
$email = $wpdb->escape($_POST['user_email']);
$taxnumber = $wpdb->escape($_POST['tax_number']);
$password = $wpdb->escape($_POST['user_pass']);
$ConfPassword = $wpdb->escape($_POST['user_confirm_password']);
$error = array();
if (strpos($username, ' ') !== FALSE) {
$error['username_space'] = "Username has Space";
}
if (empty($username)) {
$error['username_empty'] = "Needed Username";
}
if (username_exists($username)) {
$error['username_exists'] = "Username already exists";
}
if (!is_email($email)) {
$error['email_valid'] = "Email has no valid value";
}
if (email_exists($email)) {
$error['email_existence'] = "Email already exists";
}
if (empty($taxnumber)) {
$error['texnumber_empty'] = "Needed Tax Number";
}
if (strcmp($password, $ConfPassword) !== 0) {
$error['password'] = "Password didn't match";
}
if (count($error) == 0) {
$user_id = wp_create_user($username, $password, $email);
$userinfo = array(
'ID' => $user_id,
'user_login' => $username,
'user_email' => $email,
'user_pass' => $password,
'role' => 'customer',
);
// Update the WordPress User object with first and last name.
wp_update_user($userinfo);
// Add the company as user metadata
update_user_meta($user_id, 'tax_number', $taxnumber);
echo '<script type="text/javascript">';
echo 'alert("User Created Successfully");';
echo 'window.location.href = "url";';
echo '</script>';
exit();
} else {
print_r($error);
}
}
?>
<section id="wholesale-custom-register-form">
<div class="container wholesale-custom-register-form">
<div class="register-form">
<div class="register-form-title">
<h1>Wholesale Register Form</h1>
</div>
<div class="wholesale-register">
<form class="register-fm" method="POST">
<div class="form-group">
<label>User Name</label>
<input class="form-control" type="text" name="user_login" id="user_login" placeholder="Username" />
<?php foreach ($error as $error) {
echo $error . "<br>";
} ?>
</div>
<div class="form-group">
<label>Email</label>
<input class="form-control" type="email" name="user_email" id="user_email" placeholder="Email" />
</div>
<div class="form-group">
<label>Tax Number</label>
<input class="form-control" type="text" name="tax_number" id="tax_number" placeholder="Tax Number" />
</div>
<div class="form-group">
<label>Enter Password</label>
<input class="form-control" type="password" name="user_pass" id="user_pass" placeholder="Password" />
</div>
<div class="form-group">
<label>Enter Cofirm Password</label>
<input class="form-control" type="password" name="user_confirm_password" id="user_confirm_password" placeholder="Cofirm Password" />
</div>
<div class="form-group">
<button class="custom-register-btn" type="submit" name="btnsubmit">Log In</button>
</div>
</form>
</div>
</div>
</div>
</section>
<?php
};
This is my code I will try many times but I can't get the error messages inside the HTML body.
You want to make an AJAX call to register a user then use a callback function to check for success. If a field is invalid you also check it with javascript.
So you would need to refactor your code, seperate it into frontend/backend code and connect it via AJAX.
Write your PHP code as "add_action_hook" and register function
Onclick validate fields and inputs
Call the hook via AJAX (url: "/wp-admin/admin-ajax.php")
Return result
These are just very abstract steps, you'll need to gather some intel for yourself. You could take a look at this: https://awhitepixel.com/blog/wordpress-use-ajax/ and https://docs.wpvip.com/technical-references/security/validating-sanitizing-and-escaping/
I would do something like this
if (is_user_logged_in()) {
// echo '<script>alert("Welcome, registered user!")</script>';
echo '<script type="text/javascript">';
echo 'alert("Welcome, registered user!");';
echo 'window.location.href = "Url";';
echo '</script>';
} else {
// echo 'Welcome, visitor!';
global $wpdb;
if ($_POST) {
$username = $wpdb->escape($_POST['user_login']);
$email = $wpdb->escape($_POST['user_email']);
$taxnumber = $wpdb->escape($_POST['tax_number']);
$password = $wpdb->escape($_POST['user_pass']);
$ConfPassword = $wpdb->escape($_POST['user_confirm_password']);
if (strpos($username, ' ') !== FALSE) {
$errorMsg[] = "Username has Space";
}
if (empty($username)) {
$errorMsg[] = "Needed Username";
}
if (username_exists($username)) {
$errorMsg[] = "Username already exists";
}
if (!is_email($email)) {
$errorMsg[] = "Email has no valid value";
}
if (email_exists($email)) {
$errorMsg[] = "Email already exists";
}
if (empty($taxnumber)) {
$errorMsg[] = "Needed Tax Number";
}
if (strcmp($password, $ConfPassword) !== 0) {
$errorMsg[] = "Password didn't match";
}
if (count($errorMsg) == 0) {
$user_id = wp_create_user($username, $password, $email);
$userinfo = array(
'ID' => $user_id,
'user_login' => $username,
'user_email' => $email,
'user_pass' => $password,
'role' => 'customer',
);
// Update the WordPress User object with first and last name.
wp_update_user($userinfo);
// Add the company as user metadata
update_user_meta($user_id, 'tax_number', $taxnumber);
echo '<script type="text/javascript">';
echo 'alert("User Created Successfully");';
echo 'window.location.href = "url";';
echo '</script>';
exit();
} else {
print_r($errorMsg);
}
}
?>
<section id="wholesale-custom-register-form">
<div class="container wholesale-custom-register-form">
<div class="register-form">
<div class="register-form-title">
<h1>Wholesale Register Form</h1>
</div>
<div class="wholesale-register">
<form class="register-fm" method="POST">
<div class="form-group">
<label>User Name</label>
<input class="form-control" type="text" name="user_login" id="user_login" placeholder="Username" />
<?php foreach ($errorMsg as $error) {
?>
<div>
<strong><?= $error; ?> </strong>
</div>
<?php
} ?>
</div>
<div class="form-group">
<label>Email</label>
<input class="form-control" type="email" name="user_email" id="user_email" placeholder="Email" />
</div>
<div class="form-group">
<label>Tax Number</label>
<input class="form-control" type="text" name="tax_number" id="tax_number" placeholder="Tax Number" />
</div>
<div class="form-group">
<label>Enter Password</label>
<input class="form-control" type="password" name="user_pass" id="user_pass" placeholder="Password" />
</div>
<div class="form-group">
<label>Enter Cofirm Password</label>
<input class="form-control" type="password" name="user_confirm_password" id="user_confirm_password" placeholder="Cofirm Password" />
</div>
<div class="form-group">
<button class="custom-register-btn" type="submit" name="btnsubmit">Log In</button>
</div>
</form>
</div>
</div>
</div>
</section>
<?php
};
index.php
This is the login form
<div class="modal-body">
<form action="loginPDO.php" method="post">
<?php if(isset($message))
{
echo '<label class="text-danger">'.$message.'</label>';
} ?>
<div class="form-group">
<label for="recipient-name" class="col-form-label">Username:</label>
<input type="text" name="username" id="username" placeholder="Enter Username" class="form-control">
</div>
<div class="form-group">
<label for="message-text" class="col-form-label">Password:</label>
<input type="password" name="password" id="password" placeholder="Enter Password" class="form-control">
</div>
<div class="form-group">
<button type="submit" name="login" id="login" class="btn btn-primary">Login</button>
<button type="button" class="btn btn-info">Register</button>
</div>
</form>
</div>
loginPDO.php
<?php
include 'dbconnection.php';
if(isset($_POST["login"]))
{
if(empty($_POST["username"]) || empty($_POST["password"]))
{
$message = '<label>All fields are required</label>';
header("location:index.php");
}
else
{
$query = "SELECT * FROM users WHERE username = :username AND password = :password";
$statement = $conn->prepare($query);
$statement->execute(
array(
'username' => $_POST["username"],
'password' => $_POST["password"]
)
);
$count = $statement->rowCount();
if($count > 0)
{
$_SESSION["username"] = $_POST["username"];
header("location:dashboard.php");
}
else
{
$message = '<label>Wrong Data</label>';
header("location:index.php");
}
}
}
?>
Hi Guys, I want to know how to display the alert message once the user inputs incorrect credentials
For example, Imagine the user inputs wrong credentials once the user clicks the login button it automatically appears the alert message above Username.
$message just exists in file loginPDO.php and ...
$message = '<label>Wrong Data</label>';
header("location:index.php");
Is not sufficient to pass the $message variable to index.php.
As said in comments you can try
// file loginPDO.php
$message = '<label>Wrong Data</label>';
header("location:index.php?error=" . urlencode("Wrong Data"));
// file index.php
<?php
$message = isset($_GET['error']) ? $_GET['error'] : null; // get the error from the url
if(!empty($message)) {
echo '<label class="text-danger">'.$message.'</label>';
} ?>
I have a bootstrap form and i use jquery modal so i can open it on the same index.php window and when it is submitted the form should close and save data to database which it does on the other hand if there are error messages from formValidation.php file then it should show error messages instead of closing form.Now it does disappear even if there are errors and when i open it up again error messages are shown.I know there has been similar questions but i really cant make up solution for weeks from all sources i can get so i am a bit frustrated.Would appreciate help.Here is my code.
Here is my form from index.php file
<div class="container" id="register" style="display:none">
<div class="row centered-form">
<div class="col-xs-12 col-sm-8 col-md-4 col-sm-offset-2 col-md-offset-4">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">Banāns <small>Sia</small></h3>
</div>
<div class="panel-body">
<form role="form" class="ajax" method="post" action="index.php">
<?php include('classes/errors.php'); ?>
<div class="row">
<div class="col-xs-6 col-sm-6 col-md-6">
<div class="form-group">
<label>Vārds</label>
<input type="text" name="firstname" value="<?php echo $firstName;?>" id="firstname" class="form-control input-sm" placeholder="Vārds">
</div>
</div>
<div class="col-xs-6 col-sm-6 col-md-6">
<div class="form-group">
<label>Uzvārds</label>
<input type="text" name="lastname" value="<?php echo $lastName;?>" id="lastname" class="form-control input-sm" placeholder="Uzvārds">
</div>
</div>
</div>
<div class="form-group">
<label>Lietotājvārds</label>
<input type="text" name="username" value="<?php echo $userName;?>" id="username" class="form-control input-sm" placeholder="Lietotājvārds">
</div>
<div class="form-group">
<label>E-pasts</label>
<input type="email" name="email" value="<?php echo $email;?>" id="email" class="form-control input-sm" placeholder="E-pasta adrese">
</div>
<div class="form-group">
<label>Telefona numurs</label>
<input type="number" name="number" value="<?php echo $number;?>" id="number" class="form-control input-sm" placeholder="Telefona numurs">
</div>
<div class="row">
<div class="col-xs-6 col-sm-6 col-md-6">
<div class="form-group">
<label>Parole</label>
<input type="password" name="password1" id="password1" class="form-control input-sm" placeholder="Parole">
</div>
</div>
<div class="col-xs-6 col-sm-6 col-md-6">
<div class="form-group">
<label>Apstipriniet paroli</label>
<input type="password" name="password2" id="password2" class="form-control input-sm" placeholder="Apstipriniet paroli">
</div>
</div>
</div>
<input type="submit" name="submit" id="submit" value="Register" class="btn btn-info btn-block">
<span id="success_msg"></span>
<span id="error_msg"></span>
<p>Aizvērt ...</p>
</form>
</div>
</div>
</div>
</div>
</div>
Here is my formValidation.php
<?php
include('classes/config.php');
$firstName = $lastName = $userName = $email = $number = $password1 = $password2 = "" ;
$errors = array();
if(isset($_POST["submit"])) {
$firstName = mysqli_real_escape_string($con, $_POST["firstname"]);
$lastName = mysqli_real_escape_string($con, $_POST["lastname"]);
$userName = mysqli_real_escape_string($con, $_POST["username"]);
$email = mysqli_real_escape_string($con, $_POST["email"]);
$number = mysqli_real_escape_string($con, $_POST["number"]);
$password1 = mysqli_real_escape_string($con, $_POST["password1"]);
$password2 = mysqli_real_escape_string($con, $_POST["password2"]);
if (empty($firstName)) {
array_push($errors, "Lūdzu ievadiet vārdu.");
} else {
$firstName = test_input($firstName);
if (!preg_match("/^[a-zēūīāšžčķļņA-ZŅĒŪĪĀŠŽČĶĻŅ]*$/",$firstName)) {
array_push($errors, "Lūdzu ievadiet tikai burtus.");
}
}
if (empty($lastName)) {
array_push($errors, "Lūdzu ievadiet uzvārdu.");
} else {
$lastName = test_input($lastName);
if (!preg_match("/^[a-zēūīāšžčķļņA-ZŅĒŪĪĀŠŽČĶĻŅ]*$/",$lastName)) {
array_push($errors, "Lūdzu ievadiet tikai burtus.");
}
}
if (empty($userName)){
array_push($errors, "Lūdzu ievadiet lietotājvārdu.");
} else {
$userName = test_input($userName);
if(strlen($userName <= "6")){
array_push($errors, "Lietotājvārdam jāsastāv no vismaz 6 burtiem un/vai cipariem.");
}
}
if (empty($email)) {
array_push($errors,"Lūdzu ievadiet e-pasta adresi.");
} else {
$email = test_input($email);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
array_push($errors, "Lūdzu pārbaudiet e-pasta adresi.");
}
}
if (empty($number)) {
$number = "NULL";
} else {
$number = test_input($number);
if (!preg_match("/^[0-9]{8}$/", $number)) {
array_push($errors, "Lūdzu ievadiet 8 ciparu numuru.");
}
}
if(!empty($password1) && $password1 == $password2){
$password1 = test_input($password1);
$password2 = test_input($password2);
} elseif ($password1 != $password2){
array_push($errors, "Paroles nesakrīt.");
} else {
array_push($errors, "Lūdzu ievadiet paroli.");
}
if(count($errors) == 0){
$password = md5($password1);
$query = "INSERT INTO users(firstname, lastname, username, email, phonenumber, password)
VALUES ('$firstName', '$lastName', '$userName', '$email', '$number', '$password')";
mysqli_query($con, $query);
$_SESSION["username"] = "$userName";
$_SESSION["succes"] = "Apsveicu, tu esi pieslēdzies!";
header("location: index.php");
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
and my error messages are looped trough in seperate errors.php file and are echoed in error class in index.php
<?php if (count($errors) > 0) : ?>
<div class="error">
<?php foreach ($errors as $error) : ?>
<p><?php echo $error ?></p>
<?php endforeach ?>
</div>
<?php endif ?>
And finally Ajax
This submits the form and it closes even if there are error messages.
$("#submit").click(function() {
e.preventDefault();
var firstname = $("#firstname").val();
var lastname = $("#lastname").val();
var username = $("#username").val();
var email = $("#email").val();
var number = $("#number").val();
var password1 = $("#password1").val();
var password2 = $("#password2").val();
var submit = $("#submit").val();
$.ajax({
url: "classes/formValidation.php",
method: "POST",
data: {
firstname: firstname,
lastname: lastname,
username: username,
email: email,
number: number,
password1: password1,
password2: password2,
},
success: function(data){
if(data == "success"){
$("#register").hide();
location.reload();
}else{
return false;
}
}
});
});
And i have tried this
If i open up console it retrieves all my form name attributes in an object.I have tried to change action to my formValidation.php or errors.php but it does not work.
$('form.ajax').on('submit', function(){
var bzz = $(this),
url = bzz.attr('action'),
method = bzz.attr('method'),
data = {};
bzz.find('[name]').each(function(index, value) {
var bzz = $(this),
name = bzz.attr('name'),
value = bzz.val();
data[name] = value;
console.log(data);
});
$.ajax({
url: url,
type: method,
data: data,
success: function(response) {
console.log(response);
}
});
return false;
});
`
$username = mysqli_real_escape_string($connection, $_POST['username']);
$password = mysqli_real_escape_string($connection, $_POST['password']);
if (!preg_match("/^\w+$/",$username)) {
$error = true;
$username_error = "Username cant contain space and special characters";
}
if(strlen($password) < 6) {
$error = true;
$password_error = "Password must be minimum of 6 characters";
}
$result = mysqli_query($connection, "SELECT * FROM users WHERE username = '" . $username. "' and password = '" . md5($password) . "'");
if ($row = mysqli_fetch_array($result)) {
$_SESSION['usr_id'] = $row['id'];
$_SESSION['usr_name'] = $row['name'];
if ($row['id'] == 1) {
header("Location: priv8/ididthis.php");
} else if ($row['id'] >= 1) {
header("Location: index.php");
} else {
$errormsg = "Incorrect username or Password!";
}
can u see what's wrong with my code ? the $errormsg doesn't showing when the username or the password is wrong..
`
<body>
<div class="layout">
<div class="layout-screen">
<div class="app-title">
<h1>Login</h1>
</div>
<div class="layout-form">
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<div class="control-group">
<input type="text" name="username" class="login-field" value="" placeholder="username" id="login-username">
<label class="login-field-icon fui-user" for="login-username"></label>
</div>
<div class="control-group">
<span><?php if (isset($username_error)) { echo $username_error; } ?></span>
</div>
<div class="control-group">
<input type="password" name="password" class="login-field" value="" placeholder="password" id="login-pass">
<label class="login-field-icon fui-lock" for="login-pass"></label>
</div>
<div class="control-group">
<span><?php if (isset($password_error)) { echo $password_error; } ?></span>
</div>
<div class="control-group">
<input class="btn btn-primary btn-large btn-block" type="submit" name="login" value="Sign in"/>
</div>
</form>
<span><?php if (isset($errormsg)) { echo $errormsg; } ?></span>
<a class="layout-link" href="forgot.php">Lost your password?</a>
</div>
</div>
</div>
The problem is that your error message is inside this block
if ($row = mysqli_fetch_array($result)){
if ($row['id'] == 1) {...}
else if ($row['id'] >= 1) {...}
else {
$errormsg = "Incorrect username or Password!";
}
}
This means that the error message is never shown because row id will always be 1 or >=1. To fix, move the error message out, like this:
if ($row = mysqli_fetch_array($result)){
if ($row['id'] == 1) {...}
else($row['id'] >= 1) {...}
}
else {
$errormsg = "Incorrect username or Password!";
}
I am currently working on PHP forgot password reset, which partially doing the job but seeking some assistance to improve it further.
1st issue: It is not displaying the correct email address on the
submission form. It updates the password correctly but doesn't
display correct email address.
2nd issue: Also if the user makes an error while submitting the form on reloading the page doesn't update the password hence the user has to go back to his email to click back on the link.
<?php
include('../config/connection.php');
if(isset($_POST['submit'])){
$password = mysqli_real_escape_string($dbc,$_POST['password']);
$Rpassword = mysqli_real_escape_string($dbc,$_POST['Rpassword']);
$acode=$_POST['encrypt'];
$passmd = md5(SHA1($password));
if (empty($password) OR empty($Rpassword)) {
$error = 'One or either field is missing';
} if ($password != $Rpassword) {
$error = 'Passwords don\'t match';
} if(strlen($password)<6 OR strlen($Rpassword)>20) {
$error = 'Password must be between 6 to 20 characters';
}
else {
$query = mysqli_query($dbc,"select * from users where passreset='$acode'") or die(mysqli_error($dbc));
if (mysqli_num_rows ($query)==1)
{
$query3 = mysqli_query($dbc,"UPDATE users SET password='$passmd',passreset=0 WHERE passreset='$acode'")
or die(mysqli_error($dbc));
$sent = 'Password has been Changed successfully, Please sign in for loging in.';
}
else
{
$error = 'Please click back on the Forgot password link to reset your password ';
}
}
}
?>
<body>
<?php if(!isset($_POST['submit']) OR $error != '' OR isset($error)) { ?>
<?php if(isset($error) AND $error !='')
{
echo '<p style="color:#c43235">'.$error.'</p>';
}
?>
<form action="reset.php" method="post" role="form">
<div class="form-group">
<label for="password">Email</label>
<input type="text" class="form-control" id="email" name="email" value="
<?php
$acode=$_POST['encrypt'];
$query5 = mysqli_query($dbc,"SELECT * FROM users where passreset='$acode'") or die(mysqli_error($dbc));
$list = mysqli_fetch_array($query5); /* Error-----*/
$val = $list['email'];
echo $val;?>" >
</div>
<div class="form-group">
<label for="password">Password</label>
<input type="password" class="form-control" id="password" name="password" placeholder="Password" >
</div>
<div class="form-group">
<label for="password">Re-enter Password</label>
<input type="password" class="form-control" id="password" name="Rpassword" placeholder="Password" >
</div>
<input type="hidden" class="form-control" name="encrypt" value="<?php echo $_GET['encrypt'];?>" >
<button class="btn btn-success" type="submit" name="submit" />Submit</button>
</form>