I have a php page which is logged in with a user account. Now i want to change my password here, also I'm getting two errors here.
"Notice: Undefined variable: password in C:\xampp\htdocs\fyp\cms\cms-settings.php on line 73
Warning: mysql_affected_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\fyp\cms\cms-settings.php on line 75"
Can someone find out whats the problem here? How to change the password instead? is the way of query is correct?
<?php session_start();
?>
<?php include_once("../includes/connection.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Example form</title>
<style type="text/css">
.container1 {
width: 500px;
clear: both;
}
.container1 input {
width: 100%;
clear: both;
}
</style>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="style.css" />
<title>Change Password</title>
</head>
<body>
<div id="container">
<div id="header">
<h1 style="text-align:left">Quality Management<span class="off"> Cell</span></h1>
</div>
<div id="menu">
<ul>
<li class="menuitem"><a href="cms.php">Home</a></li>
<li class="menuitem"><a href="cms-attendance.php">Attendance</a></li>
<li class="menuitem"><a href="cms-courses.php">Courses</a></li>
<li class="menuitem"><a href="cms-settings.php">Settings</a></li>
</ul>
<a style="text-align:right" href="cms-logout.php">Logout</a>
</div>
</div>
<div id="content" align="justify">
<div id="content_top"></div>
<div id="content_main">
<div id="wrapper">
<form class="login-form" method ="post" action="">
<label for="password">Old Password:</label>
<input name="old_password"/><br /><br />
<label for="password">New Password:</label>
<input name="n_password"/><br /><br />
<label for="password">Confirm new Password:</label>
<input name="new_password"/><br />
<p>
<br />
<input class="button" name="submit" type="Submit" value="Done"/>
</form>
<?php
if(isset($_POST['old_password']) && isset($_POST['password']) && isset($_POST['new_password'])){
$old_pass = $_POST['old_password'];
$password = $_POST['n_password'];
$new_pass = $_POST['new_password'];
}
if (isset($_SESSION['user_name'])){
$username = $_SESSION['user_name'];
}
$query_pass = "UPDATE users SET user_pass = '".$password."' WHERE user_name = '".$_SESSION['user_name']."'";
$result_set = mysql_query($query_pass) or die(mysql_error());
$pass_rows = mysql_affected_rows($result_set) or die (mysql_error());
$pass_set = mysql_fetch_array($pass_rows);
while ($pass_set = mysql_fetch_array($result_set)){
$pass_set['user_id'];
$pass_set['user_name'];
$pass_set['user_pass'];
if($old_pass != $password){
echo "Success";
}
else {
echo "Same Pass";
}
}
?>
<p> </p>
<p> </p>
<div id="content_bottom"></div>
</div>
</div>
</body>
</html>