margaux Posted December 10, 2011 Share Posted December 10, 2011 I've got this script working nicely but while I was testing 2 questions cropped up: 1. If the new password entered is the same as the current password, it is rejected. Is that a feature of mysql? 2. mysqli_error didn't show up the error that I was encountering as a result of question 1. Is there something wrong with my code? echo '<h1>System Error</h1> <p class="error">You password could not be changed due to a system error. We apologise for any inconvenience.</p>'; echo '<p>' . mysqli_error($dbc) . '</p><p>Query: ' . $q . '</p>'; Everything displayed including the $q variable but not the mysqli_error($dbc). Thanks for replying. Link to comment Share on other sites More sharing options...
David L Posted December 11, 2011 Share Posted December 11, 2011 1. If the new password entered is the same as the current password, it is rejected. Is that a feature of mysql? When you do a password change, you are using an UPDATE query. An UPDATE query is supposed to say "change value x to value y". In your case, the old password is the same as the new. In effect you are telling mysql: Please update value x to value x. Which makes no sense. This is why mysql returns 0 Rows Affected because nothing happened and no rows were changed - as your UPDATE query doesn't make sense. 2. mysqli_error didn't show up the error that I was encountering as a result of question 1. Is there something wrong with my code? mysqli_error shows no error because there was no error! Your update query is perfect valid syntactically. It just doesn't do anything because the old password and the new password are identical. But no error occurred. Side point: Please delete the line - [color=#000000][font=monospace][size=2]echo [/size][/font][/color][color=#008800][font=monospace][size=2]'<p>'[/size][/font][/color][color=#000000][font=monospace][size=2] [/size][/font][/color][color=#666600][font=monospace][size=2].[/size][/font][/color][color=#000000][font=monospace][size=2] mysqli_error[/size][/font][/color][color=#666600][font=monospace][size=2]([/size][/font][/color][color=#000000][font=monospace][size=2]$dbc[/size][/font][/color][color=#666600][font=monospace][size=2])[/size][/font][/color][color=#000000][font=monospace][size=2] [/size][/font][/color][color=#666600][font=monospace][size=2].[/size][/font][/color][color=#000000][font=monospace][size=2] [/size][/font][/color][color=#008800][font=monospace][size=2]'</p><p>Query: '[/size][/font][/color][color=#000000][font=monospace][size=2] [/size][/font][/color][color=#666600][font=monospace][size=2].[/size][/font][/color][color=#000000][font=monospace][size=2] $q [/size][/font][/color][color=#666600][font=monospace][size=2].[/size][/font][/color][color=#000000][font=monospace][size=2] [/size][/font][/color][color=#008800][font=monospace][size=2]'</p>';[/size][/font][/color] You really don't want to be showing your users the mysqli error details. Doing so is a significant security flaw as your user will see details pertaining to the design of your database. You never want to be 1 Link to comment Share on other sites More sharing options...
David L Posted December 11, 2011 Share Posted December 11, 2011 [color=#000000][font=monospace][size=2]echo [/size][/font][/color][color=#008800][font=monospace][size=2]'<p>'[/size][/font][/color][color=#000000][font=monospace][size=2] [/size][/font][/color][color=#666600][font=monospace][size=2].[/size][/font][/color][color=#000000][font=monospace][size=2] mysqli_error[/size][/font][/color][color=#666600][font=monospace][size=2]([/size][/font][/color][color=#000000][font=monospace][size=2]$dbc[/size][/font][/color][color=#666600][font=monospace][size=2])[/size][/font][/color][color=#000000][font=monospace][size=2] [/size][/font][/color][color=#666600][font=monospace][size=2].[/size][/font][/color][color=#000000][font=monospace][size=2] [/size][/font][/color][color=#008800][font=monospace][size=2]'</p><p>Query: '[/size][/font][/color][color=#000000][font=monospace][size=2] [/size][/font][/color][color=#666600][font=monospace][size=2].[/size][/font][/color][color=#000000][font=monospace][size=2] $q [/size][/font][/color][color=#666600][font=monospace][size=2].[/size][/font][/color][color=#000000][font=monospace][size=2] [/size][/font][/color][color=#008800][font=monospace][size=2]'</p>';[/size][/font][/color] I meant this: echo '<p>' . mysqli_error($dbc) . '</p><p>Query: ' . $q . '</p>'; Link to comment Share on other sites More sharing options...
margaux Posted December 11, 2011 Author Share Posted December 11, 2011 Thanks for the reply. echo '<p>' . mysqli_error($dbc) . '</p><p>Query: ' . $q . '</p>'; This line is only in there to help me debug. Link to comment Share on other sites More sharing options...
Recommended Posts