changepass?

04/19/2010 10:17 Hinataa#1
it says my password is incorrect,
but this right

account in navicat is:
my> account

Thanks




Code:
<?php
include('config.php');
?>
<?php
if($_POST['user']){
mysql_select_db($mydbmy);
					$userid = trim($_POST['id']);
					$password=trim($_POST['pass']);
					$passretype=trim($_POST['repass']);
					$hash=$_POST['hash'];
					$hash1=$_POST['hash1'];
					$cpass = trim($_POST['cpass']);
					$sql = "SELECT * FROM account WHERE name='$userid'";
					$query = mysql_query($sql) or die(mysql_error());
					$row = mysql_fetch_object($query);
					$curpass = htmlspecialchars($row->password);
					$secretquestion = htmlspecialchars($row->secret_question);
					$secretanswer = htmlspecialchars($row->secret_answer);
					$email = htmlspecialchars($row->email);
$res = mysql_query("select * from account where name = '".$userid."' order by id desc");
								if(mysql_num_rows($res) == 0)
								{
								Echo "Sorry that username doesnt exist";
								}else{
							echo "
							<form method=\"post\" action=\"changepw1\">
<TABLE align=\"center\">
<tr><td>
<br />
Enter the correct info and your password will be changed. For the email, it will be the one you used to sign up with.<tr><td>
<tr><td align=\"center\">Login:</tr></td>
<tr><td align=\"center\"><input type=\"text\" size=\"20\" name=\"userc\"/></tr></td>
<tr><td align=\"center\">Senha Atual:</tr></td>
<tr><td align=\"center\"><input type=\"hidden\" name=\"hash1\">
<input type=\"password\" size=\"20\" name=\"curpass\" onBlur=\"hash1.value=login(curpass.value)\"/></tr></td>
<tr><td align=\"center\">Nova Senha:</td></tr>
<tr><td align=\"center\"><input type=\"password\" size=\"20\" name=\"newpas\"/></td></tr>
<tr><td align=\"center\">repita a nova senha:</td></tr>
<tr><td align=\"center\"><input type=\"password\" size=\"20\" name=\"renew\"/></td></tr>
<tr><td align=\"center\">
<input type=\"hidden\" name=\"hash\"><input class=Butt type=submit onClick=\"hash.value = login(newpas.value)\" value=\"Change Password\" name=B1>
</td></tr>
</TABLE>
</form>
							";
							}//end else
}
?>
<?php
			if($_POST['B1'])
			{
			mysql_select_db($account);
					$userid = trim($_POST['userc']);
					$password=trim($_POST['curpass']);
					$passretype=trim($_POST['repass']);
					$hash=$_POST['hash'];
					$hash1=$_POST['hash1'];
					$newpass = trim($_POST['newpas']);
					$renewpass = trim($_POST['renew']);
					$sql = "SELECT * FROM account WHERE name='$userid'";
					$query = mysql_query($sql) or die(mysql_error());
					$row = mysql_fetch_object($query);
					$curpass = htmlspecialchars($row->password);

$res = mysql_query("select * from account where name = '".$userid."' order by id desc");
								if(mysql_num_rows($res) == 0)
								{
								Echo "Login não existe";
								}else{
				if($hash1 != $curpass)
					{
						echo "Sua senha atual foi digitada errado";
					}
					else{
					if($newpass != $renewpass)
					{
						echo "Sua nova senha não coincidem";
					}
					else{
					$sql = "UPDATE account SET password='$hash' WHERE name='$userid'";
					$query = mysql_query($sql) or die(mysql_error());

									echo "Senha trocada com sucesso ";


					}


					}

}
}

			?>
04/27/2010 12:44 Hinataa#2
someone help me?
sorry post doble
04/27/2010 13:21 CroW_ZeRo#3
PHP Code:
<?php
include('config.php');
?>
<script type="text/javascript" src="inc/md5.js"></script>
make it look like this at the top of your php
04/27/2010 20:35 .Ash#4
Yeah if your using the account table in my DB, Put my and my in config. But its easier to have 2 seperate DBs..
04/27/2010 22:30 Hinataa#5
my config is correct. So much that I use the register without problems
the account is in my db.
04/28/2010 09:27 zukoo#6
I also am with this problem
=/
04/28/2010 20:33 .Ash#7
then check your acc server files...