Jump to content
Larry Ullman's Book Forums

Recommended Posts

I am working my way through the php6 & mysql5 book. I have come across a problem. I am at the “password.php” section. When I test the form in my browser and I press the change password button without filling in the form I get “Error!” If I then fill out my email address but don’t put the correct password in I still just get the “Error!” message with no notification of what I have done wrong. If I then complete the form correctly and press the change password button I just get a blank page with the header and footer displayed. I have been through the code a few times and can’t see where I have gone wrong. I then decided to download the completed lessons from the website and tested the form from the zip file. This form behaves in exactly the same way as mine does.

I have completed the register exercise and the register.php works fine. I have enclosed the script if it's any help:


<?php # Script 8.7 - password.php

// This page lets a user change their password.

$page_title = 'Change Your Password';

include ('includes/header.html');

// Check if the form has been submitted:

if (isset($_POST['submitted'])) {

require_once ('C://xampp/store/mysqli_connect.php'); // Connect to the db.


$errors = array(); // Initialize an error array.


// Check for an email address:

if (empty($_POST['email'])) {

$errors[] = 'You forgot to enter your email address.';

} else {

$e = mysqli_real_escape_string($dbc, trim($_POST['email']));



// Check for the current password:

if (empty($_POST['pass'])) {

$errors[] = 'You forgot to enter your current password.';

} else {

$p = mysqli_real_escape_string($dbc, trim($_POST['pass']));


// Check for a new password and match

// against the confirmed password:

if (!empty($_POST['pass1'])) {

if ($_POST['pass1'] != $_POST['pass2']) {

$errors[] = 'Your new password did not match the confirmed password.';

} else {

$np = mysqli_real_escape_string($dbc, trim($_POST['pass1']));


} else {

$errors[] = 'You forgot to enter your new password.';



if (empty($errors)) { // If everything's OK.


// Check that they've entered the right email address/password combination:

$q = "SELECT user_id FROM users WHERE (email='$e' AND pass=SHA1('$p') )";

$r = @mysqli_query($dbc, $q);

$num = @mysqli_num_rows($r);

if ($num == 1) { // Match was made.


// Get the user_id:

$row = mysqli_fetch_array($r, MYSQLI_NUM);

// Make the UPDATE query:

$q = "UPDATE users SET pass=SHA1('$np') WHERE user_id=$row[0]";

$r = @mysqli_query($dbc, $q);


if (mysqli_affected_rows($dbc) == 1) { // If it ran OK.


// Print a message.

echo '<h1>Thank you!</h1>

<p>Your password has been updated. In Chapter 11 you will actually be able to log in!</p><p><br /></p>';


} else { // If it did not run OK.


// Public message:

echo '<h1>System Error</h1>

<p class="error">Your password could not be changed due to a system error. We apologize for any inconvenience.</p>';


// Debugging message:

echo '<p>' . mysqli_error($dbc) . '<br /><br />Query: ' . $q . '</p>';



// Include the footer and quit the script (to not show the form).

include ('includes/footer.html');



} else { // Invalid email address/password combination.

echo '<h1>Error!</h1>

<p class="error">The email address and password do not match those on file.</p>';



} else { // Report the errors.


echo '<h1>Error!</h1>

<p class="error">The following error(s) occurred:<br />';

foreach ($errors as $msg) { // Print each error.

echo " - $msg<br />\n";


echo '</p><p>Please try again.</p><p><br /></p>';


} // End of if (empty($errors)) IF.

mysqli_close($dbc); // Close the database connection.


} // End of the main Submit conditional.


<h1>Change Your Password</h1>

<form action="password.php" method="post">

<p>Email Address: <input type="text" name="email" size="20" maxlength="80" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /> </p>

<p>Current Password: <input type="password" name="pass" size="10" maxlength="20" /></p>

<p>New Password: <input type="password" name="pass1" size="10" maxlength="20" /></p>

<p>Confirm New Password: <input type="password" name="pass2" size="10" maxlength="20" /></p>

<p><input type="submit" name="submit" value="Change Password" /></p>

<input type="hidden" name="submitted" value="TRUE" />



include ('includes/footer.html');


Link to comment
Share on other sites

When I test the form . . .without filling (it) in I get “Error!”

If I fill (it incorrectly) I still get "Error!” message with no notification of what I have done wrong.

If I complete the form correctly . . . I just get a blank page with the header and footer displayed.

I downloaded the completed lesson from the website and tested (it . . . and it) behaves in exactly the same way . . .

(All the other forms I've created) work fine.


Odd that:

1) Other forms work, but not this one. Presuming this form uses the same database script as the other.

2) Although error messages are assigned, you only see “Error!” - and not corresponding error message.


And most odd of all is:

3) You downloaded the completed lesson and tested the form (and it) behaves in exactly the same way...


I didn't see anything wrong, but that don't mean it aint there.


Commenting everything out - and testing one element at a time until it works correctly - usually helps me track down, club* and remove the funky monkey screwing with my code.


*(no monkeys are harmed when I fix code.)


~ David

  • Upvote 1
Link to comment
Share on other sites

I copied and pasted your code and it worked correctly - displaying the appropriate error messages and updating the d/b when correct data was input. You might want to check that your action file is pointed to the correct file/folder and all your changes have been saved. Also try clearing the cache. Sorry if this sounds basic but sometimes its the obvious that catches us up.

  • Upvote 1
Link to comment
Share on other sites

Thank's margaux I cleared out the cache and all the error messesages came up when I broke the form on purpose. The only problem I have now is when I post the form I get the error "The email address and password do not match those on file" (When I know for a fact that they do). Ive tried entering the data using the "register.php" and also directly into the database but I still get this error message.


David Thanks for your input. The tip about quoting out will come in really usefull. I'm new to this game so any little tips or help is greatly apreciated, thanks

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...