Forgot password and Reset Password Help
Posted: Sat Apr 28, 2012 5:07 pm
ok i followed a tutorial on youtube to make these i edited them a bit to work with the user log in system that jacek made.
but the error i am having is that...
forgotpass.php = it changed the password but it wont allow me to login...
resetpass.php = it keeps saying wrong password when i put it in so is there anyway you can help me fix this?
Also i need this to work with jaceks login tutorials
here is the sources for those 2 pages.
forgotpass.php:
[syntax=php]<?php
include('core/init.inc.php');
$userid = $_SESSION['user_id'];
$username = $_SESSION['user_username'];
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Forgot Password - Zerk-Xile</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="SHORTCUT ICON" href="ext/images/favicon.ico">
<link href="ext/css/stylesheet.css" rel="stylesheet" type="text/css">
</head>
<body>
<img src="ext/images/background.jpg" class="background" />
<!-- TemplateBeginEditable name="header" -->
<center>
<div class="header" id="header">
<p><font size="10">Zerk-Xile</font></p>
</div></center><!-- TemplateEndEditable -->
<!-- TemplateBeginEditable name="content" -->
<center>
<div align="center" class="content" id="content">
<?php
if (!$username && !$userid){
if ($_POST['resetbtn']){
// get data from form
$user = $_POST['user'];
$email = $_POST['email'];
if ($user){
if ($email){
if ( (strlen($email) > 7) && (strstr($email, "@")) && (strstr($email, ".")) ){
$query = mysql_query("SELECT * FROM users WHERE user_username='$user'");
$numrows = mysql_num_rows($query);
if ($numrows == 1){
// get info for account from database
$row = mysql_fetch_assoc($query);
$dbemail = $row['user_email'];
// make sure email is correct
if ($email == $dbemail){
// generate random password
$pass = rand();
$pass = md5($pass);
$pass = substr($pass, 0, 15);
$password = md5(md5("kjfiufj".$pass."Fj56fj"));
// update db with new pass
mysql_query("UPDATE users SET user_password='$password' WHERE user_username='$user'");
// make sure that the password was changed
$query = mysql_query("SELECT * FROM users WHERE user_username='$user' AND user_password='$password'");
$numrows = mysql_num_rows($query);
if ($numrows == 1){
// create email vars
$webmaster = "admin@zerk-xile.info";
$headers = "From: Smg<$webmaster>";
$subject = "Your New Password";
$message = "Hello, Your password has been reset. Your new password is below.\n";
$message .= "Password: $pass\n";
echo $pass."<br />";
if ( mail($email, $subject, $message, $headers) ){
echo "Your password has been reset and a email has been sent with your new password.";
} else
echo "An error has occured and your email was not sent containing your new password.";
} else
echo "An error has occured and the password was not reset.";
} else
echo "The email entered was the wrong email address.";
} else
echo "The username was not found.";
mysql_close();
} else
echo "Please enter a valid Email Address.";
} else
echo "Please enter your Email.";
} else
echo "Please enter your Username.";
}
echo "<form action='./forgotpass.php' method='post'>
<table>
<tr>
<td>Username:</td>
<td><input type='text' name='user' /></td>
</tr>
<tr>
<td>Email:</td>
<td><input type='text' name='email' /></td>
</tr>
<tr>
<td></td>
<td><input type='submit' name='resetbtn' value='Reset Password' /></td>
</tr>
</table>
</form>";
} else
echo "Please logout to view this page.";
?>
</div></center><!-- TemplateEndEditable -->
</body>
</html>
[/syntax]
resetpass.php:
[syntax=php]<?php
include('core/init.inc.php');
$userid = $_SESSION['user_id'];
$username = $_SESSION['user_username'];
?>
<html>
<head>
<title></title>
</head>
<body>
<?php
if ($_POST['resetpass']){
// get form data
$pass = $_POST['pass'];
$newpass = $_POST['newpass'];
$confirmpass = $_POST['confirmpass'];
// make sure all data was entered
if ($pass){
if ($newpass){
if ($confirmpass){
if ($newpass === $confirmpass){
$password = md5(md5("kjfiufj".$pass."Fj56fj"));
// make sure pass is correct.
$query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
$numrows = mysql_num_rows($query);
if ($numrows == 1){
//new password
$newpassword = md5(md5("kjfiufj".$newpass."Fj56fj"));
// update the db with new pass
mysql_query("UPDATE users SET password='$newpassword' WHERE username='$username'");
// make sure new password was changed
$query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$newpassword'");
$numrows = mysql_num_rows($query);
if ($numrows == 1){
echo "Your password has been reset.";
} else
echo "a error occured and your password was not reset";
} else
echo "Your current password is incorrect.";
mysql_close();
} else
echo "Your new passwords did not match.";
} else
echo "You must confirm your new password.";
} else
echo "You must enter your new password.";
} else
echo "You must enter your current password.";
}
echo "<form action='./resetpass.php' method='post'>
<table>
<tr>
<td>Current Password:</td>
<td><input type='password' name='pass'></td>
</tr>
<tr>
<td>New Password:</td>
<td><input type='password' name='newpass'></td>
</tr>
<tr>
<td>Confirm Password:</td>
<td><input type='password' name='confirmpass'></td>
</tr>
<tr>
<td></td>
<td><input type='submit' name='resetpass' value='Reset Password'></td>
</tr>
</table>
</form>";
?>
</body>
</html>
[/syntax]
but the error i am having is that...
forgotpass.php = it changed the password but it wont allow me to login...
resetpass.php = it keeps saying wrong password when i put it in so is there anyway you can help me fix this?
Also i need this to work with jaceks login tutorials
here is the sources for those 2 pages.
forgotpass.php:
[syntax=php]<?php
include('core/init.inc.php');
$userid = $_SESSION['user_id'];
$username = $_SESSION['user_username'];
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Forgot Password - Zerk-Xile</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="SHORTCUT ICON" href="ext/images/favicon.ico">
<link href="ext/css/stylesheet.css" rel="stylesheet" type="text/css">
</head>
<body>
<img src="ext/images/background.jpg" class="background" />
<!-- TemplateBeginEditable name="header" -->
<center>
<div class="header" id="header">
<p><font size="10">Zerk-Xile</font></p>
</div></center><!-- TemplateEndEditable -->
<!-- TemplateBeginEditable name="content" -->
<center>
<div align="center" class="content" id="content">
<?php
if (!$username && !$userid){
if ($_POST['resetbtn']){
// get data from form
$user = $_POST['user'];
$email = $_POST['email'];
if ($user){
if ($email){
if ( (strlen($email) > 7) && (strstr($email, "@")) && (strstr($email, ".")) ){
$query = mysql_query("SELECT * FROM users WHERE user_username='$user'");
$numrows = mysql_num_rows($query);
if ($numrows == 1){
// get info for account from database
$row = mysql_fetch_assoc($query);
$dbemail = $row['user_email'];
// make sure email is correct
if ($email == $dbemail){
// generate random password
$pass = rand();
$pass = md5($pass);
$pass = substr($pass, 0, 15);
$password = md5(md5("kjfiufj".$pass."Fj56fj"));
// update db with new pass
mysql_query("UPDATE users SET user_password='$password' WHERE user_username='$user'");
// make sure that the password was changed
$query = mysql_query("SELECT * FROM users WHERE user_username='$user' AND user_password='$password'");
$numrows = mysql_num_rows($query);
if ($numrows == 1){
// create email vars
$webmaster = "admin@zerk-xile.info";
$headers = "From: Smg<$webmaster>";
$subject = "Your New Password";
$message = "Hello, Your password has been reset. Your new password is below.\n";
$message .= "Password: $pass\n";
echo $pass."<br />";
if ( mail($email, $subject, $message, $headers) ){
echo "Your password has been reset and a email has been sent with your new password.";
} else
echo "An error has occured and your email was not sent containing your new password.";
} else
echo "An error has occured and the password was not reset.";
} else
echo "The email entered was the wrong email address.";
} else
echo "The username was not found.";
mysql_close();
} else
echo "Please enter a valid Email Address.";
} else
echo "Please enter your Email.";
} else
echo "Please enter your Username.";
}
echo "<form action='./forgotpass.php' method='post'>
<table>
<tr>
<td>Username:</td>
<td><input type='text' name='user' /></td>
</tr>
<tr>
<td>Email:</td>
<td><input type='text' name='email' /></td>
</tr>
<tr>
<td></td>
<td><input type='submit' name='resetbtn' value='Reset Password' /></td>
</tr>
</table>
</form>";
} else
echo "Please logout to view this page.";
?>
</div></center><!-- TemplateEndEditable -->
</body>
</html>
[/syntax]
resetpass.php:
[syntax=php]<?php
include('core/init.inc.php');
$userid = $_SESSION['user_id'];
$username = $_SESSION['user_username'];
?>
<html>
<head>
<title></title>
</head>
<body>
<?php
if ($_POST['resetpass']){
// get form data
$pass = $_POST['pass'];
$newpass = $_POST['newpass'];
$confirmpass = $_POST['confirmpass'];
// make sure all data was entered
if ($pass){
if ($newpass){
if ($confirmpass){
if ($newpass === $confirmpass){
$password = md5(md5("kjfiufj".$pass."Fj56fj"));
// make sure pass is correct.
$query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
$numrows = mysql_num_rows($query);
if ($numrows == 1){
//new password
$newpassword = md5(md5("kjfiufj".$newpass."Fj56fj"));
// update the db with new pass
mysql_query("UPDATE users SET password='$newpassword' WHERE username='$username'");
// make sure new password was changed
$query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$newpassword'");
$numrows = mysql_num_rows($query);
if ($numrows == 1){
echo "Your password has been reset.";
} else
echo "a error occured and your password was not reset";
} else
echo "Your current password is incorrect.";
mysql_close();
} else
echo "Your new passwords did not match.";
} else
echo "You must confirm your new password.";
} else
echo "You must enter your new password.";
} else
echo "You must enter your current password.";
}
echo "<form action='./resetpass.php' method='post'>
<table>
<tr>
<td>Current Password:</td>
<td><input type='password' name='pass'></td>
</tr>
<tr>
<td>New Password:</td>
<td><input type='password' name='newpass'></td>
</tr>
<tr>
<td>Confirm Password:</td>
<td><input type='password' name='confirmpass'></td>
</tr>
<tr>
<td></td>
<td><input type='submit' name='resetpass' value='Reset Password'></td>
</tr>
</table>
</form>";
?>
</body>
</html>
[/syntax]