I am making a change password page in php, i am having problem. Kindly guide me where i am getting problem.
<form action="do_change_password.php" method="post">
<table width="70%" cellpadding="0" cellspacing="0" align="center" border="0">
<tr>
<td colspan="2" align="center">
<h2>CHANGE PASSWORD</h2>
</td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td width="40%" height="30">Current Password
</td>
<td width="60%">
<input name="password" type="password" id="password" size="30"/>
</td>
</tr>
<tr>
<td height="30">New Password</td>
<td>
<input name="newpassword" type="password" id="newpassword" size="30"/>
</td>
</tr>
<tr>
<td height="30">Confirm New Password</td>
<td>
<input name="confirmnewpassword" type="password" id="confirmnewpassword" size="30"/>
</td>
</tr>
<tr>
<td height="30" colspan="2" align="center">
<input name="submit" type="submit" value="Submit" id="submit_btn"/>
<input name="reset" type="reset" value="Reset" id="reset"/>
</td>
</tr>
</table>
</form>
do_change_password.php
<?php
include 'includes/dbConnect.php';
$password = $_POST['password'];
$newpassword = $_POST['newpassword'];
$confirmnewpassword = $_POST['confirmnewpassword'];
$error_msg = "Field(s) cannot be empty";
if ($password == '' || $newpassword == '' ||$confirmnewpassword == '')
{
echo $error_msg;
exit;
}
$result = mysql_query("SELECT password FROM users WHERE password='$password'");
if
($password != mysql_result($result< 0))
{
echo "Entered an incorrect password";
}
if($newpassword == $confirmnewpassword)
{
$sql = mysql_query("UPDATE registration SET password = '$newpassword' WHERE password='$current_password'");
}
if(!$sql)
{
echo "Congratulations, password successfully changed!";
}
else
{
echo "New password and confirm password must be the same!";
}
?>
dbConnect.php
<?php
error_reporting(E_ERROR);
global $link;
$servername='localhost';
$dbname='school';
$dbusername='root';
$dbpassword='';
$table_Name="students";
$link = mysql_connect($servername,$dbusername,$dbpassword);
if (!$link) {
die('Could not connect: ' . mysql_error());
}
else
{
mysql_select_db($dbname,$link) or die ("could not open db".mysql_error());
}
?>
I am getting this error, i am not able to change the password:
Entered an incorrect passwordCongratulations, password successfully changed! cannot change the password
Kindly tell me where i am doing mistake.
Thanks in advance
I believe you mixed up id with name in the input tags.
Replace...
<input name="current" type="password" id="password" size="30"/>
...with...
<input id="current" type="password" name="password" size="30"/>
Basically whatever you specify as name in your input tags is what you'll be able to get through $_POST.
So <input name="whatever" /> will be $_POST['whatever'].
<input name="current" type="password" id="password" size="30" name="password"/>
$password = $_POST['password'];
$_POST it should be accept name attribute from html tag.
Try to replace your form with this .... your mistake to change your field names, and try to improve your php code see this SQL injection
<form action="do_change_password.php" method="post">
<table width="70%" cellpadding="0" cellspacing="0" align="center" border="0">
<tr>
<td colspan="2" align="center">
<h2>CHANGE PASSWORD</h2>
</td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td width="40%" height="30">Current Password
</td>
<td width="60%">
<input name="password" type="password" id="password" size="30"/>
</td>
</tr>
<tr>
<td height="30">New Password</td>
<td>
<input name="newpassword" type="password" id="newpassword" size="30"/>
</td>
</tr>
<tr>
<td height="30">Confirm New Password</td>
<td>
<input name="confirmnewpassword" type="password" id="confirmnewpassword" size="30"/>
</td>
</tr>
<tr>
<td height="30" colspan="2" align="center">
<input name="submit" type="submit" value="Submit" id="submit_btn"/>
<input name="reset" type="reset" value="Reset" id="reset"/>
</td>
</tr>
</table>
</form>
<form action="do_change_password.php" method="post">
<table width="70%" cellpadding="0" cellspacing="0" align="center" border="0">
<tr>
<td colspan="2" align="center">
<h2>CHANGE PASSWORD</h2>
</td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td width="40%" height="30">Current Password
</td>
<td width="60%">
<input name="password" type="password" id="password" size="30"/>
</td>
</tr>
<tr>
<td height="30">New Password</td>
<td>
<input name="newpassword" type="password" id="newpassword" size="30"/>
</td>
</tr>
<tr>
<td height="30">Confirm New Password</td>
<td>
<input name="confirmnewpassword" type="password" id="confirmnewpassword" size="30"/>
</td>
</tr>
<tr>
<td height="30" colspan="2" align="center">
<input name="submit" type="submit" value="Submit" id="submit_btn"/>
<input name="reset" type="reset" value="Reset" id="reset"/>
</td>
</tr>
</table>
</form>
try this..it will work fine.
You must capture:
$password = $_POST['current'];
$newpassword = $_POST['new'];
$confirmnewpassword = $_POST['confirm-new'];
Or replace the name of your inputs.
Related
I'm trying to do a remember me. I'm having an issue were the cookie isn't setting after a form action redirect.
I know this is not the safest way to store a password but it does matter because this is just a simple page that has no information that is important.
if(isset($_POST['signin']))
{
setcookie("cid",$id,time()+60*60);
setcookie("cpass",$pass,time()+60*60);
}
?>
<body>
<form action="login.php" method="post">
<hr/>
<table align="center">
<tr>
<td colspan="2" align="center"><?php echo #$err;?></td>
</tr>
<tr>
<th>Your email</th>
<td><input type="text" name="username" placeholder="username" value="<?php echo #$_COOKIE['cid'];?>" required/></td>
</tr>
<tr>
<th>Your password</th>
<td><input type="password" placeholder="password" name="password" value="<?php echo #$_COOKIE['cpass'];?>" required/>
</td>
</tr>
<tr>
<th>Stay Signed In</th>
<td><input type="checkbox" name="ch"/></td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" name="signin" value="SignIn"/></td>
</tr>
</table>
</form>
</body>
Add this lines in,
if(isset($_POST['signin']))
{
setcookie("cid",$id,time()+60*60);
setcookie("cpass",$pass,time()+60*60);
}
?>
in login.php
Since your action of the form is login.php.
</table>
</form>
This is also wrong, it should be
</form>
</table>
OK, I'm creating a simple login page. this is what I have so far;
<?php
$user = $_POST["username"];
$pass = $_POST["password"];
$validated = false;
session_start();
if($user!=""&&$pass!="")
{
if($user=="Kenny"&&$pass=="Hereford")
$validated = true;
if($validated)
{
$_SESSION['BTECPage'] = "OK";
$_SESSION['username'] = $user;
$_SESSION['password'] = $pass;
header('Location: protected.php');
}
else
{
$_SESSION['BTECPage'] = "";
echo "Invalid username or password.";
}
}
else $_SESSION['BTECPage'] = "";
?>
<html>
<body>
<h1 align="center">Login Page</h1>
<p align="center">Please enter your username and password:</p>
<form action="BTECLoginPage.php" method="post">
<table>
<tr>
<td align="center">Username: </td>
<td align="center"><input size=\"20\"
type="text" size="20" maxlength="15"
name="username"></td>
</tr>
<tr>
<td
align="center">Password: </td>
<td align="center"><input size=\"20\"
type="password" size="20"
maxlength="15" name="password"></td>
</tr>
<tr>
<td> </td>
<td colspan="2"
align="center"><input type="submit"
value="Login"></td>
</tr>
</table>
</form>
</body>
</html>
How do I get the textboxes to align to the center correctly? I know of the align feature but where do i place it?
I'm still kinda new to this so sorry if this is a noob question
You could do much simpler aligning using CSS but you probably want to use HTML's parameters.
You can align the table by simply adding align="center" as you have previously done on other tags.
Now that the form is aligned, the submit button is weirdly aligned because you have an additional <td> that you do not need. Removing that would help and the submit button will also be in the center.
Code for the table:
<table align="center">
<tr>
<td align="center">Username: </td>
<td align="center"><input size=\"20\"
type="text" size="20" maxlength="15"
name="username"></td>
</tr>
<tr>
<td
align="center">Password: </td>
<td align="center"><input size=\"20\"
type="password" size="20"
maxlength="15" name="password"></td>
</tr>
<tr>
<td colspan="2"
align="center"><input type="submit"
value="Login"></td>
</tr>
</table>
You can use CSS to align it into center try this one <table style="width:200px; margin-left:auto; margin-right:auto; border:1px solid #ddd; padding:10px;">
some of my code in addUser.php it pure html
addUser.php
<form action="process/addNewUser.php" method="POST" id="userForm">
<table width="79%" border="0" cellspacing="6" cellpadding="1"
class="tabcont">
<tr>
<td width="47%" align="right">Title:</td>
<td width="53%">
<select name="title"><option value='0'>- - select - -</option>
</select>
</td>
</tr>
<tr>
<td width="47%" align="right">
First Name:</td>
<td width="53%"><input type="text" id="firstname" name="firstName" class="required" /></td>
</tr>
<tr>
<td align="right">Middle Name:</td>
<td><input type="text" id="middlename" name="middleName" class="name" /></td>
</tr>
<tr>
<td align="right">Password:</td>
<td><input name="password" value="" readonly="readonly"
id="password" class="required" " /></td>
</tr>
<tr>
<td align="right" colspan="2">
<input name="addNewUser" type="submit" class="submit" id="submit" value="Submit" />
</td>
</tr>
</table>
</form>
addNewUser.php
Here i am doing validations and displaying error messages and if it is success sending him to another page.
But i want to show an error message on addUser.php instead of validations page. Please give me a sample code how i can do it.
addNewUser.php
Add the message in the session
$_SESSION["ErrorMsg"]="Name already exists";
And in your addUser.php , you put the following code in the place you need to show the msg :
if($_SESSION["ErrorMsg"])
{
echo $_SESSION["ErrorMsg"];
$_SESSION["ErrorMsg"]="";
}
I wonder whether someone may be able to help me please.
I've put together a form and php code (below) that allows an administrator to search for member records from a mysql database using the email address as the search criteria.
HTML Form
<form name="memberpasswordresetform" id="memberpasswordresetform" method="post" action="search.php">
<div class="container">
<p align="justify">Member Details </p>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="26%" height="25"><strong>Email Address </strong></td>
<td width="4%"> </td>
<td width="70%"><input name="email" type="email" id="email" size="50" /></td>
</tr>
<tr>
<td height="25"><strong>Confirm Email Address </strong></td>
<td> </td>
<td><input name="conf_email" type="email" id="conf_email" size="50" /></td>
</tr>
<tr>
<td height="25"><label>
<input type="submit" name="Submit" value="search" />
</label></td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"><strong>First Name </strong></td>
<td> </td>
<td><input name="fname" type="text" id="fname" size="30" /></td>
</tr>
<tr>
<td height="25"><strong>Last Name </strong></td>
<td> </td>
<td><input name="lname" type="text" id="lname" size="30" /></td>
</tr>
<tr>
<td height="25"> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"><strong>New Password</strong></td>
<td> </td>
<td><input name="newpass" type="password" id="newpass" size="30" /></td>
</tr>
<tr>
<td height="25"><strong>Confirm New Password </strong></td>
<td> </td>
<td><input name="conf_newpass" type="password" id="conf_newpass" size="30" /></td>
</tr>
<tr>
<td height="25"><input type="submit" name="save" value="save" /></td>
<td> </td>
<td> </td>
</tr>
</table>
</div>
</form>
PHP Script
<?php
include("admin/link.php");
include("admin/opendb.php");
mysql_select_db ("userdetails");
$term = $_POST['email'];
$sql = mysql_query("select forename, surname, email address from userdetails where emailaddress like '%$email%'");
while ($row = mysql_fetch_array($sql)){
echo '<br/> First Name: '.$row['forename'];
echo '<br/> Last Name: '.$row['surname'];
echo '<br/><br/>';
}
?>
The search functionality works fine, but I can't work out how to populate the forename and surname fields on my form from the records retrieved from my database. I've been looking for, and found examples on how to do this, if I want to simply show the data as a table, but I can't find any that explain how to populate the fields in a form.
I just wondered whether it would be at all possible that someone could provide some guidance please on how I can do this.
Many thanks
The previous answer will work fine if short tags are enabled on the server. You should stick to the long syntax as below in case you change hosting providers at a later date.
<input name="fname" type="text" id="fname" size="30" value="<?php echo $row['surname']; ?>" />
just set the value of your input element
<tr>
<td height="25"><strong>First Name </strong></td>
<td> </td>
<td><input name="fname" type="text" id="fname" size="30" value="<?= $row['surname'] ?>" /></td>
</tr>
hi everyone i am trying to get validate captcha on my form but i would like validation to take place on the form without a change of state.
currently the page refreshes to display the error message and the page loses all form values and i can understand that this can be frustrating to users who have to retype the information.
how can i get the error message to display right below the captcha image area? this way the user can make the necessary corrections to their mistake without re-entering everything.
<?php session_start();
include_once ("resources/Connections/kite.php");
include_once $_SERVER['DOCUMENT_ROOT'] . '/securimage/securimage.php';
$securimage = new Securimage();
?>
<div class="c13">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="69%" align="center"><p class="c6">New Account</p>
<?php
$username = mysql_real_escape_string($_POST['username']);
$email = mysql_real_escape_string($_POST['email']);
$password = mysql_real_escape_string($_POST['password']);
$password = mysql_real_escape_string($_POST['password2']);
//check if the form has been submitted
if(isset($_POST['submit'])){
if ($securimage->check($_POST['captcha_code']) == false) {
// the code was incorrect
// you should handle the error so that the form processor doesn't continue
// or you can use the following code if there is no validation or you do not know how
echo "The security code entered was incorrect.<br /><br />";
echo "Please go <a href='javascript:history.go(-1)'>back</a> and try again.";
}
else
//success
echo '<p class="c7">Thanks for signing up. We have just sent you an email at <b>'.$email.'</b>. Please click on the confirmation link within this message to complete registration.<br><img src="resources/img/spacer.gif" alt="" width="1" height="20"><br><span class="c12">
<input name="" type="button" class="c11" value="Register" onClick="location.href=\'main.php\'"/>
</span><br><img src="resources/img/spacer.gif" alt="" width="1" height="15"></p></div>';
include_once ("resources/php/footer.php");
exit;
}
?>
<p class="c7">Just enter your details to get started</p>
<div class="c10">
<form action="<?php echo $PHP_SELF;?>" method="post" id="register" name="register">
<table width="100%" border="0" cellpadding="0" cellspacing="">
<tr>
<td colspan="3" class="c8" height="25px" valign="bottom">Username</td>
</tr>
<tr>
<td width="46%"></td>
<td width="46%"></td>
<td width="54%" class="c8"></td>
</tr>
<tr>
<td colspan="3" class="c8"><span id="sprytextfield2">
<input name="username" type="text" class="required"/>
<span class="textfieldRequiredMsg">A value is required.</span><span class="textfieldMaxCharsMsg">Exceeded maximum number of characters.</span></span></td>
</tr>
<tr>
<td colspan="3" class="c8" height="25px" valign="bottom">Email</td>
</tr>
<tr>
<td></td>
<td></td>
<td class="c8"></td>
</tr>
<tr>
<td colspan="3" class="c8"><span id="sprytextfield3">
<input name="email" type="text" class="required"/>
<span class="textfieldRequiredMsg">A value is required.</span><span class="textfieldMaxCharsMsg">Exceeded maximum number of characters.</span><span class="textfieldInvalidFormatMsg">Invalid format.</span></span></td>
</tr>
<tr>
<td></td>
<td></td>
</tr>
<tr>
<td colspan="3" class="c8" height="25px" valign="bottom">Password (minimum of 8 characters)</td>
</tr>
<tr>
<td></td>
<td></td>
<td class="c8"></td>
</tr>
<tr>
<td colspan="3" class="c8"><span id="sprytextfield4">
<input name="password" type="password" class="required" id="password"/>
<span class="textfieldRequiredMsg">A value is required.</span><span class="textfieldMinCharsMsg">Minimum number of characters not met.</span><span class="textfieldMaxCharsMsg">Exceeded maximum number of characters.</span></span></td>
</tr>
<tr>
<td colspan="3" class="c8" height="25px" valign="bottom">Confirm Password</td>
</tr>
<tr>
<td></td>
<td></td>
<td class="c8"></td>
</tr>
<tr>
<td colspan="3" class="c8"><span id="spryconfirm1">
<input name="password2" type="password" class="required"/>
<span class="confirmRequiredMsg">A value is required.</span><span class="confirmInvalidMsg">The values don't match.</span></span></td>
</tr>
<tr>
<td colspan="3" class="c8" height="25px" valign="bottom">Enter Code</td>
</tr>
<tr>
<td colspan="3" class="c8"><img id="captcha" src="resources/securimage/securimage_show.php" alt="CAPTCHA Image" /> </td>
</tr>
<tr>
<td colspan="3" class="c8"><input type="text" name="captcha_code" size="10" maxlength="6" />
Swap image</td>
</tr>
<tr>
<td colspan="3" class="c8"><span class="c12"><img src="resources/img/spacer.gif" width="1" height="40" alt="" /></span></td>
</tr>
<tr>
<td colspan="3" class="c8"><span class="c12">
<input name="submit" type="submit" class="c11" value="Continue"/>
</span></td>
</tr>
</table>
</form>
</div>
<br /></td>
<td width="31%" valign="middle" align="center"> </td>
</tr>
</table>
</div>
The values that the user has entered are being sent also so why not access them and put them into the fields should there be an error
<input name="username" type="text" class="required" value="<?php echo $username ?>"/>
This will put whatever the user entered into the fields for you. Of course you need to setup all the relevant error checking.