Jump to content
Larry Ullman's Book Forums

Keep Getting The Error Message The Login And Password Do Not Match Those On File Can't Understand Where I Am Going Wrong


Recommended Posts

<?php 
$thisPage = 'update';
include('includes/header.html');
include('includes/nav1.php');
if($_SERVER['REQUEST_METHOD'] == 'POST') {
require('../mysqli_connect.php');
$errors = array();
if (empty($_POST['login'])) {
$errors[] = 'You forgot to enter your login';
} else {
$lgn = mysqli_real_escape_string($dbc, trim($_POST['login']));
}
if (empty($_POST['pwd'])) {
$errors[] = 'You forgot to enter your password';
} else {
$p = mysqli_real_escape_string($dbc, trim($_POST['pwd']));
}
if (!empty($_POST['pwd1'])) {
if($_POST['pwd1'] != $_POST['pwd2']) {
    $errors[] = 'Your new password did not match the confirmed password';
} else {
$np = mysqli_real_escape_string($dbc, trim($_POST['pwd1']));
    }
} else {
$errors[] = 'You forgot to enter your password';
}
 
if(empty($errors)) {
$q = "SELECT patientID FROM Patient WHERE( login = '$lgn'  AND pwd = SHA1('$p') )";
$r = @mysqli_query($dbc, $q);
$num = @mysqli_num_rows($r);
if($num == 1) {
$row = mysqli_fetch_array($r,MYSQLI_NUM);
$q = "UPDATE Patient SET pwd=SHA1('$np') WHERE patientID=$row[1]";
$r = @mysqli_query($dbc, $q);
if(mysqli_affected_rows($dbc) == 1) {
echo '<h1>Thank You!</h1>
<p>Your password has been updated</p>';
} else {
echo '<h1>System Error</h1>
<p class = "error">Your password could not be changed  due a system error.We apologize for any inconvenience</p>';
echo '<p>' . mysqli_error($dbc) . '<br/><br/>Query: ' . $q . '</p>';
}
mysqli_close($dbc);
include('includes/footer.html');
exit();
} else {
echo '<h1>Error</h1>
<p class = "error">The login and password do not match those on file</p>';
}
} else {
echo '<h1>Error!</h1>
<p class = "error">The following error(s) have occurred<br/>';
foreach($errors as $msg) {
echo " -$msg<br/>\n";
}
echo '</p><p>Please try again</p><p><br/></p>';
}
mysqli_close($dbc);
}
?>
<h1>Change Your Password</h1>
<form action="update.php" method="post">
<p>Login: <input type="text" name = "login" size = "2" maxlength = "12" value ="<?php if(isset($_POST['login'])) echo $_POST['login']; ?>" /></p>
<p>Current Password: <input type="password" name="pwd" size="5" maxlength="20" value="<?php if (isset($_POST['pwd'])) echo $_POST['pwd']; ?>"  /></p>
<p>New Password: <input type="password" name="pwd1" size="5" maxlength="20" value="<?php if (isset($_POST['pwd1'])) echo $_POST['pwd1']; ?>"  /></p>
<p>Confirm New Password: <input type="password" name="pwd2" size="5" maxlength="20" value="<?php if (isset($_POST['pwd2'])) echo $_POST['pwd2']; ?>"  /></p>
<p><input type="submit" name="submit" value="Change Password" /></p>
</form>
<?php include ('includes/footer.html'); ?>
 
 
 
 
 
<?php 
$thisPage = 'update';
include('includes/header.html');
include('includes/nav1.php');
if($_SERVER['REQUEST_METHOD'] == 'POST') {
require('../mysqli_connect.php');
$errors = array();
if (empty($_POST['login'])) {
$errors[] = 'You forgot to enter your login';
} else {
$lgn = mysqli_real_escape_string($dbc, trim($_POST['login']));
}
if (empty($_POST['pwd'])) {
$errors[] = 'You forgot to enter your password';
} else {
$p = mysqli_real_escape_string($dbc, trim($_POST['pwd']));
}
if (!empty($_POST['pwd1'])) {
if($_POST['pwd1'] != $_POST['pwd2']) {
    $errors[] = 'Your new password did not match the confirmed password';
} else {
$np = mysqli_real_escape_string($dbc, trim($_POST['pwd1']));
    }
} else {
$errors[] = 'You forgot to enter your password';
}
 
if(empty($errors)) {
$q = "SELECT patientID FROM Patient WHERE( login = '$lgn'  AND pwd = SHA1('$p') )";
$r = @mysqli_query($dbc, $q);
$num = @mysqli_num_rows($r);
if($num == 1) {
$row = mysqli_fetch_array($r,MYSQLI_NUM);
$q = "UPDATE Patient SET pwd=SHA1('$np') WHERE patientID=$row[1]";
$r = @mysqli_query($dbc, $q);
if(mysqli_affected_rows($dbc) == 1) {
echo '<h1>Thank You!</h1>
<p>Your password has been updated</p>';
} else {
echo '<h1>System Error</h1>
<p class = "error">Your password could not be changed  due a system error.We apologize for any inconvenience</p>';
echo '<p>' . mysqli_error($dbc) . '<br/><br/>Query: ' . $q . '</p>';
}
mysqli_close($dbc);
include('includes/footer.html');
exit();
} else {
echo '<h1>Error</h1>
<p class = "error">The login and password do not match those on file</p>';
}
} else {
echo '<h1>Error!</h1>
<p class = "error">The following error(s) have occurred<br/>';
foreach($errors as $msg) {
echo " -$msg<br/>\n";
}
echo '</p><p>Please try again</p><p><br/></p>';
}
mysqli_close($dbc);
}
?>
<h1>Change Your Password</h1>
<form action="update.php" method="post">
<p>Login: <input type="text" name = "login" size = "2" maxlength = "12" value ="<?php if(isset($_POST['login'])) echo $_POST['login']; ?>" /></p>
<p>Current Password: <input type="password" name="pwd" size="5" maxlength="20" value="<?php if (isset($_POST['pwd'])) echo $_POST['pwd']; ?>"  /></p>
<p>New Password: <input type="password" name="pwd1" size="5" maxlength="20" value="<?php if (isset($_POST['pwd1'])) echo $_POST['pwd1']; ?>"  /></p>
<p>Confirm New Password: <input type="password" name="pwd2" size="5" maxlength="20" value="<?php if (isset($_POST['pwd2'])) echo $_POST['pwd2']; ?>"  /></p>
<p><input type="submit" name="submit" value="Change Password" /></p>
</form>
<?php include ('includes/footer.html'); ?>
The Table being used in the update query is the Patient table keep 
 
 
CREATE TABLE Patient (
   patientID  INT AUTO_INCREMENT,
   title VARCHAR(15) DEFAULT 'Mr',
   firstN      VARCHAR(40) NOT NULL,
   lastN    VARCHAR(20) NOT NULL,
   street       VARCHAR(25),
   suburb       VARCHAR(30),
   state        CHAR(3) DEFAULT 'NSW',
   pc      CHAR(4) DEFAULT '2250',
   phone   CHAR(12),
   email VARCHAR(50),
   imageName VARCHAR(50),
   login VARCHAR(12),
   pwd VARCHAR(40),
   PRIMARY KEY (patientID)
);
 

 

Link to comment
Share on other sites

There's nothing obvious that's causing this error, although I suspect this would be a problem:

$q = "UPDATE Patient SET pwd=SHA1('$np') WHERE patientID=$row[1]";

That should probably be $row[0]. 

 

To debug this, I'd start by seeing if the login or the password is the problem. Do this by turning directly to MySQL running queries against what's already stored. 

Link to comment
Share on other sites

 Share

×
×
  • Create New...