Hey,
I started learning PHP programming. I wrote this script to update a user's password from the mySQL database, but it's isn't doing so

The script is :-

<?php
include("header.html");
include("nav.html");
include("sidebars.html");
?>
<div id="content">
<?php
$errors=array();
if(empty($_POST['uname']))
{
	$errors[]="You forgot to enter your username";
}
else
{
	$uname=$_POST['uname'];
}
if(empty($_POST['p']))
{
	$errors[]="You forgot to enter your current password";
}
else
{
	$p=$_POST['p'];
}
if(!empty($_POST['np']))
{
	if(($_POST['np'])==($_POST['np1']))
	{
		$np=$_POST['np'];
	}
	else
	{
		$errors[]="Your new passwords do not match";
	}
}
else
{
	$errors[]="You forgot to enter your new password";
}
if(empty($errors))
{
	include("connect.php");
	$q="SELECT user_id  FROM users WHERE (username=".$uname." AND pass==SHA1(".$p.")))";
	$r=mysql_query($q,$dbc);
	$num=mysql_num_rows($r);
	$row=mysql_fetch_array($r,MYSQL_NUM);
	if($num==1)
	{
		$query="UPDATE users SET pass=".$np." WHERE user_id==".$row[0]; 
		$change=mysql_query($query,$dbc);
		$aff=mysql_affected_rows($dbc);
		if($aff==1)
		{
			echo "Your password has been changed";
		}
		else
		{
			echo "Your password could not be changed to be a server issue";
		}
	}
	else
	{
		echo "Your username and password do not match, try again";
	}
}
else
{
	echo "<h1>There was an error</h1><hr /><br />";
	echo "Password could not be changed due to :- <br />";
	foreach($errors as $msg)
	{
		echo " - ".$msg."<br />";
	}
}
?>
</div>
<?php
include("footer.html");
?>

The errors I am getting are :-

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\password1.php on line 45

Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\password1.php on line 46
Your username and password do not match, try again

The page where the form is :-

<?php
include("header.html");
include("nav.html");
include("sidebars.html");
?>
<div id="content">
<fieldset>
<legend>Change your password</legend>
<form action="password1.php" method="post">
<br />
Username : <input type="text" name="uname" /><br /><br />
Current Password : <input type="password" name="p" /><br /><br />
New Password : <input type="password" name="np" /><br /><br />
Repeat New Password : <input type="password" name="np1" /><br /><br />
<p align="center"><input type="submit" name="submit"></p>
</form>
</fieldset>
</div>
<?php
include("footer.html");
?>
Member Avatar for diafol
$q="SELECT user_id  FROM users WHERE (username=".$uname." AND pass==SHA1(".$p.")))";

Take off a closing bracket. You have 2 vs. 3

BTW, you probably don't need them about the where clause.

$q="SELECT user_id  FROM users WHERE (username=".$uname." AND pass==SHA1(".$p.")))";

Take off a closing bracket. You have 2 vs. 3

BTW, you probably don't need them about the where clause.

still not working, still get the same error. :(

$q="SELECT user_id  FROM users WHERE username='$uname' AND pass==SHA1('$p')";

try like this

instead of this :-

$q="SELECT user_id  FROM users WHERE (username=".$uname." AND pass==SHA1(".$p.")))";

try this:-

$q="SELECT user_id  FROM users WHERE (username='".$uname."' AND pass=SHA1(".$p."))";

If still it is not workng then go to mysql and check what is the output when you are running this query....

yes...it works
10x IIM +rep

Solved it .... there was some problem in mySQL query syntax.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.