Hi,
Don't know why but i always seem to mess my, mysql querys up somewhere, usually silly things like quotes etc.
The code below, i have a problem. Basically when user gets an email they click the link and they are taken to a page where they can change there password,
Problem i am having, again i think this is a query problem, i have tried many many ways with no luck.
When i enter a new password the password does not get updated in the database.
Basically that the only problem i am having, if someone could take a look and tell me where i am going wrong again.
here is my code, thanks as always
genieuk
<?php @include("top.inc"); ?>
<?php include("db_connect.php"); // Database Connection ?>
<?php
if (isset($_POST['submitted'])) { // Handle the form.
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
// Validation enter password
if ( empty ( $_POST['pass1'] ) ) {
echo "<span class=\"error\"><p>You must type in a password</p></span>";
$err++;
}
// Validation Confirm Password
if ( empty ( $_POST['pass2'] ) ) {
echo "<span class=\"error\"><p>You must confirm your password</p></span>";
$err++;
}
// Validation passwords do not match
if ( $_POST['pass1'] != $_POST['pass2'] ) {
echo "<span class=\"error\"><p>Your passwords do not match</p></span>";
$err++;
}
// If all is ok
if ($err == 0) {
$queryString = $_GET['key'];
$query = "SELECT * FROM userinformation";
$result = mysql_query($query) or die(mysql_error());
// Ecnrypt new password
$pass1 = sha1( $pass1 ) ;
while($row = mysql_fetch_array($result)){
if ($queryString == $row["activationkey"]){
$sql = "UPDATE userinformation SET password = '$pass1' WHERE activationkey = '$queryString'";
echo "<span class=\"error\"><p>Your password has been successfully updated</p>
<p>You will automatically be redirected in 5 seconds</p></span>";
redirect( "login.php" , "5" );
}
}
}
}
?>
<h1>Please enter a new password</h1>
<form action="verifypasswordreset.php" method="post">
New Password
<p><input type="password" name="pass1" maxlength="20" /></p>
Confirm New Password
<p><input type="password" name="pass2" maxlength="20" /></p>
<input type="submit" name="submit" value="Update My Password" />
<input type="hidden" name="submitted" value="TRUE" />
<?php @include("footer.inc"); ?>