php not updating password nor token in the d.b

Question

php.coder 0 Newbie Poster

11 Years Ago

My forgot password is not updating the token table nor is it updating the password when changes it keeps echoing the error message below is the form code:

Forgot Password</strong></h3>
      <form name="forgot" method="POST" id="forgot" action="includes/reset.php">
        <div align="center">
          <table width="372" border="0">
            <tr>
              <td width="181"><p> </p>
                <p><strong>Password</strong></p></td>
              <td width="181"><span id="sprytextfield1"><br />
                <label for="label"></label>
                <input type="password" name="passsowrd" id="password" />
                <span class="textfieldRequiredMsg">Your password is required</span></span></td>
</tr>
            <tr>
              <td><p> </p>
                <p><strong>Confenter code hereirm Password</strong></p></td>
              <td><span id="spryconfirm2">
                <label for="password"></label>
                <input type="password" name="password2" id="password" />
                <span class="confirmRequiredMsg">A value is required.</span><span class="confirmInvalidMsg">The values don't match.</span></span></td>
</tr>
</table>
</div>
    <div align="center">
      <p> </p>
      <table width="98" border="0">
        <tr>
          <th width="44" scope="row"><input type="submit" name="submit" id="submit" value="submit" /></th>
          <th width="44" scope="row"><input type="reset" name="clear" id="clear" value="Clear" /></th>
        </tr>
      </table>
    </div>
    <div align="center">
      <table width="372" border="0">
        <tr> </tr>
        <tr> </tr>
      </table>
    </div>
  </form>

and the reset.php is:

<?php
session_start();
error_reporting(0);
$token=$_GET['token'];
include("settings.php");
connect();
if(!isset($_POST['password'])){
$q="select email from tokens where token='".$token."' and used=0";
$r=mysql_query($q);
while($row=mysql_fetch_array($r))
   {
$email=$row['email'];
   }
If ($email!=''){
          $_SESSION['email']=$email;
}
else die("Invalid link or Password already changed  <a href='../index.php'>Click here to go back to the HOME PAGE<a/>");}

$pass=$_POST['password'];
$email=$_SESSION['email'];

if(isset($_POST['password'])&&isset($_SESSION['email']))
{
$q="update registration set password='".md5($pass)."' where email='".$email."'";
$r=mysql_query($q);
if($r)mysql_query("update tokens set used=1 where token='".$token."'");echo "Your password is changed successfully  <a href='../index.php'>Click here to go back to the HOME PAGE<a/>";
if(!$r)echo "An error occurred";
    }

so the issue is the following error message is echoed all the time: Invalid link or Password already changed.

also if i add the following to the php code:

if(!isset($pass)){
echo '<form method="post">
enter your new password:<input type="password" name="password" />
<input type="submit" value="Change Password">
</form>
';}

then it works but opens it in new blank page which is un professional thats y am trying to add it to the html. any suggestions thanks.

php

3 Contributors
11 Replies
308 Views
9 Hours Discussion Span
Latest Post 11 Years Ago Latest Post by php.coder

Tinnin 8 Posting Whiz in Training

11 Years Ago

line 10:

<input type="password" name="passsowrd" id="password" />

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

pritaeas 2,194 ¯\_(ツ)_/¯ Moderator Featured Poster · Answer 1 · 2013-05-23T11:51:07+00:00

Change line 9:

$r = mysql_query($q) or die(mysql_error());

If you get an error, show it here.

php.coder 0 Newbie Poster · Answer 2 · 2013-05-23T11:56:51+00:00

thanks for the reply but the token nor the email is being selected still echoing the same thing: select email from tokens where token='' and used=0
Invalid link or Password already changed Click here to go back to the HOME PAGE. and no error

pritaeas 2,194 ¯\_(ツ)_/¯ Moderator Featured Poster · Answer 3 · 2013-05-23T12:05:37+00:00

$token=$_GET['token'];

You haven't defined a GET parameter called token anywhere.

php.coder 0 Newbie Poster · Answer 4 · 2013-05-23T12:12:30+00:00

it is being called in the php NOTE that the when i add:

if(!isset($pass)){
echo '<form method="post">
enter your new password:<input type="password" name="password" />
<input type="submit" value="Change Password">
</form>
';}

it works but i removed it because i want to put it in the HTML form.

pritaeas 2,194 ¯\_(ツ)_/¯ Moderator Featured Poster · Answer 5 · 2013-05-23T12:16:56+00:00

pritaeas 2,194 ¯\_(ツ)_/¯

11 Years Ago

So where does token come in?

php.coder 0 Newbie Poster · Answer 6 · 2013-05-23T12:20:14+00:00

the token is a unique generated chars which help the application to recognize who has requested for a password

pritaeas 2,194 ¯\_(ツ)_/¯ Moderator Featured Poster · Answer 7 · 2013-05-23T12:21:34+00:00

You are trying to read that from the GET, but you haven't specified it anywhere. I'd expect it to be in the form's action.

php.coder 0 Newbie Poster · Answer 8 · 2013-05-23T12:26:24+00:00

but i mean if i add the

if(!isset($pass)){
echo '<form method="post">
enter your new password:<input type="password" name="password" />
<input type="submit" value="Change Password">
</form>
';}

it works perfectly meaning that if the HTML form wasnt there it works but with a plain page it get the token but because i added the HTML form it doesnt work

php.coder 0 Newbie Poster · Answer 9 · 2013-05-23T12:51:28+00:00

@pritaeas this post has no solution thanks for the help but delete it it wont help any one as it hasnt helped me

php.coder 0 Newbie Poster · Answer 10 · 2013-05-23T21:07:59+00:00

yes tin i noticed it finally a few hours ago thanks though