I am working on a simple script that allows users to create an account and change password in a database. The only problem I'm having is creating a script that allows the user to change their password. It doesn't update in my DB. I am getting successfully message but it doesn't update in DB. Please help me any suggestions will be much appreciated Please let me know if any more details required?
<form method="POST">
old:<input type="text" name="old_pass">
new:<input type="text" name="">
conf:<input type="text" name="">
<input type="submit" name="submit" value="save">
</form>
<?php
$conn_db = mysqli_connect("localhost","root","","oz");
if(!$conn_db)
{
echo "not connect";
}
echo "connect".mysqli_error($conn_db);
SESSION_START();
if($_SERVER['REQUEST_METHOD']=="POST")
{
if(isset($_POST['submit']))
{
$old_pass=$_POST['old_pass'];
$new_pass=$_POST['new_pass'];
$re_pass=$_POST['re_pass'];
$chg_pwd=mysqli_query($conn_db,"SELECT * FROM admin WHERE email='$email'");
$chg_pwd1=mysqli_fetch_array($chg_pwd);
$data_pwd=$chg_pwd1['pass'];
if($data_pwd==$old_pass){
if($new_pass==$re_pass){
$update_pwd=mysqli_query($conn_db,"UPDATE admin SET pass='$new_pass' where email='$email'");
echo "<script>alert('Update Sucessfully'); window.location='index.php'</script>";
}
else{
echo "<script>alert(`Your new and Retype Password is not match`); window.location='index.php'</script>";
}
}
else
{
echo "<script>alert(`Your old password is wrong`); window.location='change.php'</script>";
}}
}
?>
You are getting the success message because you are not actually checking if the update was successful. You're just checking if the password match: if($new_pass==$re_pass)
You never define $email
, so your WHERE clause generates an empty data set.
Try defining $email
, for example: $email = $_POST['email']
and moving your alert and redirect inside of an if statement that checks the result of the query
if(mysqli_query($conn_db,"UPDATE admin SET pass='$new_pass' where email='$email'")) {
echo "<script>alert('Update Sucessfully'); window.location='index.php'</script>";
}
NOTE:
TRY USING THIS
if($new_pass==$re_pass){
$update_pwd = $conn_db->query("UPDATE admin SET pass='$new_pass' WHERE email='$email'");
if($update_pwd){ echo "<script>alert('Update Sucessfully'); window.location='index.php'</script>";
} else { //echo server error }
}
change your 'mysqli_query' to '$conn_db->query'. there will be no need to include '$conn_db' in the parenthesis. Meanwhile, if error logging is set in your php settings, you can see the error
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.