changepass?

Hinataa · 04/19/2010, 10:17

it says my password is incorrect,
but this right

account in navicat is:
my> account

Thanks

Code:

<?php
include('config.php');
?>
<?php
if($_POST['user']){
mysql_select_db($mydbmy);
					$userid = trim($_POST['id']);
					$password=trim($_POST['pass']);
					$passretype=trim($_POST['repass']);
					$hash=$_POST['hash'];
					$hash1=$_POST['hash1'];
					$cpass = trim($_POST['cpass']);
					$sql = "SELECT * FROM account WHERE name='$userid'";
					$query = mysql_query($sql) or die(mysql_error());
					$row = mysql_fetch_object($query);
					$curpass = htmlspecialchars($row->password);
					$secretquestion = htmlspecialchars($row->secret_question);
					$secretanswer = htmlspecialchars($row->secret_answer);
					$email = htmlspecialchars($row->email);
$res = mysql_query("select * from account where name = '".$userid."' order by id desc");
								if(mysql_num_rows($res) == 0)
								{
								Echo "Sorry that username doesnt exist";
								}else{
							echo "
							<form method=\"post\" action=\"changepw1\">
<TABLE align=\"center\">
<tr><td>
<br />
Enter the correct info and your password will be changed. For the email, it will be the one you used to sign up with.<tr><td>
<tr><td align=\"center\">Login:</tr></td>
<tr><td align=\"center\"><input type=\"text\" size=\"20\" name=\"userc\"/></tr></td>
<tr><td align=\"center\">Senha Atual:</tr></td>
<tr><td align=\"center\"><input type=\"hidden\" name=\"hash1\">
<input type=\"password\" size=\"20\" name=\"curpass\" onBlur=\"hash1.value=login(curpass.value)\"/></tr></td>
<tr><td align=\"center\">Nova Senha:</td></tr>
<tr><td align=\"center\"><input type=\"password\" size=\"20\" name=\"newpas\"/></td></tr>
<tr><td align=\"center\">repita a nova senha:</td></tr>
<tr><td align=\"center\"><input type=\"password\" size=\"20\" name=\"renew\"/></td></tr>
<tr><td align=\"center\">
<input type=\"hidden\" name=\"hash\"><input class=Butt type=submit onClick=\"hash.value = login(newpas.value)\" value=\"Change Password\" name=B1>
</td></tr>
</TABLE>
</form>
							";
							}//end else
}
?>
<?php
			if($_POST['B1'])
			{
			mysql_select_db($account);
					$userid = trim($_POST['userc']);
					$password=trim($_POST['curpass']);
					$passretype=trim($_POST['repass']);
					$hash=$_POST['hash'];
					$hash1=$_POST['hash1'];
					$newpass = trim($_POST['newpas']);
					$renewpass = trim($_POST['renew']);
					$sql = "SELECT * FROM account WHERE name='$userid'";
					$query = mysql_query($sql) or die(mysql_error());
					$row = mysql_fetch_object($query);
					$curpass = htmlspecialchars($row->password);

$res = mysql_query("select * from account where name = '".$userid."' order by id desc");
								if(mysql_num_rows($res) == 0)
								{
								Echo "Login não existe";
								}else{
				if($hash1 != $curpass)
					{
						echo "Sua senha atual foi digitada errado";
					}
					else{
					if($newpass != $renewpass)
					{
						echo "Sua nova senha não coincidem";
					}
					else{
					$sql = "UPDATE account SET password='$hash' WHERE name='$userid'";
					$query = mysql_query($sql) or die(mysql_error());

									echo "Senha trocada com sucesso ";


					}


					}

}
}

			?>

Hinataa · 04/27/2010, 12:44

someone help me?
sorry post doble

CroW_ZeRo · 04/27/2010, 13:21

PHP Code:


			
<?php

include('config.php');

?>

<script type="text/javascript" src="inc/md5.js"></script>

make it look like this at the top of your php

.Ash · 04/27/2010, 20:35

Yeah if your using the account table in my DB, Put my and my in config. But its easier to have 2 seperate DBs..

Hinataa · 04/27/2010, 22:30

my config is correct. So much that I use the register without problems
the account is in my db.

zukoo · 04/28/2010, 09:27

I also am with this problem
=/

.Ash · 04/28/2010, 20:33

then check your acc server files...