php password change

Question

iso_1 0 Newbie Poster

7 Years Ago

Hello, if any body can help me , why in the code bello the results is always null or 0?
because when i want to change the password it always shows me this message "The current password you entered is not correct!"

<?php

@session_start();
include("./pg_connect/pgdb.class.php");
$db = new PQDatabase();

// Check if current password is correct
$sql = "SELECT * FROM telecom.users WHERE username = '" . $_GET["u"] . "' AND password = '" . md5($_POST['current_pwd']) . "'";
$result = $db->getNumberOfRows($db->query($sql));
if ($result == null || $result == 0)
{
    echo "{success: false, msg: 'The current password you entered is not correct!'}";
}
elseif ($_POST['new_pwd'] != $_POST['retype_pwd'])
{
    echo "{success: false, msg: 'The new password and the retyped password are not identical!'}";
}
else
{
    $db->query ("UPDATE telecom.users SET password = '" . md5($_POST['new_pwd']) . "' WHERE username = '" . $_SESSION["u"] . "'");
    echo "{success: true, msg: 'The password was changed successfully!'}";
}

?>

php

2 Contributors
2 Replies
243 Views
3 Hours Discussion Span
Latest Post 7 Years Ago Latest Post by iso_1

pritaeas 2,194 ¯\_(ツ)_/¯

7 Years Ago

What is the PQDatabase class? Does it automatically connect? Add error handling, it might be a connection error or something else database related.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

iso_1 0 Newbie Poster · Answer 1 · 2016-11-28T15:25:08+00:00

thank you , I have resolved it. The problem was in if condition.

Regards