LCKB
Homapge Change Password.php - Printable Version

+- LCKB (https://lckb.dev/forum)
+-- Forum: ** OLD LCKB DATABASE ** (https://lckb.dev/forum/forumdisplay.php?fid=109)
+--- Forum: Website Scripting & Security (https://lckb.dev/forum/forumdisplay.php?fid=197)
+---- Forum: Website Releases (https://lckb.dev/forum/forumdisplay.php?fid=135)
+----- Forum: Ep2 Websites (https://lckb.dev/forum/forumdisplay.php?fid=171)
+----- Thread: Homapge Change Password.php (/showthread.php?tid=1794)

- crankchaos - 04-05-2013


can one tell me what I did wrong would be really nice

 

<?php
require_once "change_pw.php";

echo ("<div class=\"padding\">");
echo ("Hello <strong>$user_id</strong>, Welcome to your account page!<br>");
echo ("Here youll be able to view all your reviews and recieve special offers from participating partners!");
echo ("</div>");

$con = mysql_connect("localhost", "root", "123456789") or die(mysql_error());
$db = mysql_select_db("db", $con);

if(!$_POST[submit]){
echo("<div class=\"reviewcss\">
<form method=\"post\" class=\"cssform\" action=\"change_pw.php\">

<p>
<label for=\"currentpassword\">Current Password</label>
<input type=\"passwd\" name=\"oldpassword\">
</p>

<p>
<label for=\"passwd\">New Password</label>
<input type=\"passwd\" name=\"passwd\">
</p>

<p>
<label for=\"passwd\">Confirm</label>
<input type=\"passwd\" name=\"passconf\">
</p>

<div style=\"margin-left: 150px;\">
<input type=\"submit\" name=\"submit\" value=\"Update\">
</div>
</form>
");
} else {
echo("<div class=\"reviewcss\">");
$oldpassword = $_POST[oldpassword];
$passwd = $_POST[passwd];
$confirm = $_POST[passconf];

$errors = array();

if(!$password){
$errors[] = "Your New Password has not been defined!";
}

if($passwd){
if(!$confirm){
$errors[] = "Confirmation password has not been defined!";
}
}

if($passwd && $confirm){
if($passwd != $confirm){
$errors[] = "Your Passwords do not match!";
}
}

if(count($errors) > 0){
foreach($errors AS $error){
echo $error . "<br>\n";
}
}else {
$sql4 = "UPDATE bg_user SET passwd=".md5($passwd)." WHERE id=$passwd AND passwd=".md5($oldpassword)."";

$res4 = mysql_query($sql4) or die(mysql_error());
echo "You have successfully updated your password.</strong><br>";
}
echo("<br><br></div>");
}

?>