hosk Posted April 29, 2012 Share Posted April 29, 2012 The password.php page (from Chapter 8, pg. 252, Updating records with PHP) is loading correctly in the browser, however it is not updating the database information when submitted, and does not report out any errors. I've gone line by line through the book, but I must be missing something. Any help would be most appreciated. <?php # Script 8.7 - password.php $page_title = 'Change your password'; include ('header.php'); if(isset($POST['submitted'])) { require_once ('mysqli_connect.php'); $errors = array(); if(empty($_POST['email'])) { $errors[] = 'You forgot to enter you email.'; } else { $e = mysqli_real_escape_string($dbc,trim($_POST['email'])); } if(empty($_POST['pass'])) { $errors[] = 'You forgot to enter you password.'; } else { $p = mysqli_real_escape_string($dbc,trim($_POST['pass'])); } if(!empty($_POST['pass1'])) { if($_POST['pass1'] != $_POST['pass2']) { $errors[] = 'Your new password did not match the confirmed pasword.'; } else { $np = mysqli_real_escape_string($dbc, trim($_POST['pass1'])); } } else { $errors[]= 'You forgot to enter your new passsword.'; } if (empty($errors)) { $q = "SELECT user_id FROM users WHERE (email='$e' AND pass=SHA1('$p'))"; $r = @mysqli_query($dbc, $q); $num = @mysqli_num_rows($r); if ($num == 1) { $row = mysqli_fetch_array($r,MYSQLI_NUM); $q = "UPDATE users SET pass=SHA1('$np') WHERE user_id=$row[0]"; $r = @mysqli_query($dbc,$q); if (mysqli_affected_rows($dbc) == 1 ){ echo '<h1>Thank you!</h1><p>Your password has been updated!</p><p><br /></p>'; } else { echo '<h1>System Error!</h1><p class="error">Your password could not be changed due to system error. Ha.</p>'; echo '<p>' . mysqli_error($dbc) . '<br /><br />Query: ' . $q . '</p>'; } include ('footer.html'); exit(); } else { echo '<h1>Error!</h1><p class="error">The email address and password do not match those on file!.</p>'; } } else { echo '<h1>Error!</h1><p class="error">The following error(s) occured:<br />'; foreach ($errors as $msg) { echo " - $msg <br />\n"; } echo '</p><p>Please try again. </p><p><br /></p>'; } mysqli_close($dbc); } ?> <h1>Change your password</h1> <form action="password.php" method="post"> <p>Email address:<input type="text" name="email" size="20" maxlength="80" value="" /></p> <p>Current Password: <input type="password" name="pass" size="10" maxlength="20" /></p> <p>New Password: <input type="password" name="pass1" size="10" maxlength="20" /></p> <p>Confirm New Password: <input type="password" name="pass2" size="10" maxlength="20" /></p> <p><input type="submit" name="submit" value="Change Password" /></p> <input type="hidden" name="submitted" value="TRUE" /> </form> <?php include ('footer.html'); ?> Link to comment Share on other sites More sharing options...
HartleySan Posted April 30, 2012 Share Posted April 30, 2012 Hey there. Here are a few suggestions/questions: 1) Echo values in your code out at key points to ensure they are what you expect them to be. For example, echo out the input values right before the if (empty($errors)) statement to make sure they're right. After that, echo something within the if (empty($errors)) to ensure that you're even able to get that far in your code. Also, try echoing out the result of the SELECT query, etc. to ensure you're getting what you expect. By doing do, you can probably localize the error. 2) Load up phpMyAdmin separately, and try running similar queries directly on the DB, and make sure you get the results you expect. 3) You said your script doesn't work, but you didn't describe how. Is anything output to the screen? 4) I think you're using the 3rd edition of the book, not the 4th, so you may want to move this post. 5) I'm betting that the issue is with your DB design, not your PHP script, but I could be wrong. Please test out all of the above, and then let us know what you find, regardless of whether you're able to fix the problem or not. Thanks. Good luck. 1 Link to comment Share on other sites More sharing options...
hosk Posted April 30, 2012 Author Share Posted April 30, 2012 Hartley, thank you for your reply. Turns out I had left out the underscore in the $_POST argument. Thanks again! Link to comment Share on other sites More sharing options...
HartleySan Posted April 30, 2012 Share Posted April 30, 2012 Didn't even notice. Good eye! Link to comment Share on other sites More sharing options...
Recommended Posts