Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 3 of 6 FirstFirst 12345 ... LastLast
Results 31 to 45 of 82
  1. #31
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,426
    Thanks
    62
    Thanked 535 Times in 522 Posts
    Updating the way you are will update the entire column for every user.

    You need to update where the user_id or just username = 'Value' eg:

    UPDATE members SET reset='{$unique_id}' where username = '$username'

    Then use mysql_affected_rows() to check that a record was updated (if it returns 0 / false then you output an error saying user wasn't found etc).
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  2. #32
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    Ah I figured that out this morning lol. I executed that prepared statement, looked in my table and every row had updated. I changed it to pretty much what you typed there and have got it working perfectly.

    The reason nothing was updating was because I hadn't executed the prepared statement...I thought it was a normal query expecting it to execute on it's own....That's what I get for staying up till ungodly hours..

    I'm currently just writing the email, I just need to write that page and go from there.

    Kind regards,

    LC.

  3. #33
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    Ok so I have wrote the email and it sent successfully on 2 occasions but I tried doing it several times since and it isn't sending me the email now.

    Here is my reset pass action script:
    PHP Code:
    <?php

    if(isset($_POST['username'])){

       
    $errors = array();
       
    $_POST['username'] = trim($_POST['username']);
       
       if(empty(
    $_POST['username'])){
          
    $errors[] = "You must fill in the username field.";
       }
       
         if(empty(
    $errors)){
            
    //code checks whether the username matches one in the database, if it does, we create a unique key and update that users reset field.
            
    $con = new mysqli("sql110.0fees.net","fees0_11240271","h4ck3r","fees0_11240271_demo_central");
            
    $stmt $con->prepare("SELECT * FROM members WHERE username=?");
            
            
    $username mysqli_real_escape_string($con,$_POST['username']);
            
            
    $stmt->bind_param("s",$username);
            
    $stmt->bind_result($id,$user,$pass,$email,$join_date,$hash,$reset);
            
    $stmt->execute();
            
    $stmt->store_result();
            
    $row $stmt->num_rows;
            
    $stmt->fetch();
            
            
            if(
    $row == 1){//if $row == 1, we matched a correct username from the database....so we create a unique id to insert into users row.
               
               
    $unique_id uniqid();
               
               
    $stmt $con->prepare("UPDATE members SET reset=? WHERE username=?");
               
    $stmt->bind_param("ss",$unique_id,$user);
               
    $stmt->execute();
               
    $stmt->store_result();
               
    $a_row $stmt->affected_rows;
               
               if(
    $a_row == 1){
                  
                  
    //if this executes, database was updated with reset code. write email...
                  
    $to $email;
                  
    $subject "Demo-Central Reset Password."."\r\n";
                  
    $message "Hello ".$user."<br />\r\n";
                  
    $message .= "You have received this email because you have forgotten your password."."<br />\r\n";
                  
    $message .= "We have attached a link within the email which needs to be clicked in order to process"."<br />\r\n";
                  
    $message .= "your password reset. On this page you will be asked to enter your new password. Once you have done this"."<br />\r\n";
                  
    $message .= "you will then be able to login with your existing username and new password."."<br /><br />\r\n";
                  
    $message .= "<a href='htttp://www.labtec.0fees.net/DemorecSite/enter_new_pass.php?id={$id}&unique={$unique_id}'>Reset your password!</a><br /><br />";
                  
    $message .= "Kind regards,"."<br />\r\n";
                  
    $message .= "Demo-Central Administrator."."<br />\r\n";
                  
                  
    $headers = array();
                  
    $headers[] = "MIME-Version: 1.0";
                  
    $headers[] = "Content-type: text/html; charset=iso-8859-1";
                  
    $headers[] = "From: Demo-Central Admin <admin@demo-central.com>";
                  
    $headers[] = "Bcc: JJ Chong <bcc@domain2.com>";
                  
    $headers[] = "Reply-To: Recipient Name <receiver@domain3.com>";
                  
    $headers[] = "Subject: {$message}";
                  
    $headers[] = "X-Mailer: PHP/".phpversion();
          
                  if(
    mail($to,$subject,$messageimplode("\r\n",$headers))){
                     echo 
    "You will be emailed shortly with further instructions on resetting your password.<br />";
                     echo 
    "Please follow the <a href='index.php'>link</a> to the homepage.";
                     exit(
    0);
                  }
                  else{
                     echo 
    "There was an error sending your reset email.<br />";
                     echo 
    "Please contact the site administrator at flipmodeskwaud@hotmail.co.uk to report the problem.<br />";
                     echo 
    "Follow the link to the <a href='index.php'>homepage</a>.";
                     exit(
    0);
                  }
                  
               }
               else{
               
    //print error
               
    }
               
               
            }
            else{
               print(
    "That username does not exist.<br />");
               print(
    "<a href='reset_password.php'>Please try again.</a>");
               exit(
    0);
            }
            
         }
         else{
            
    $error_string implode("<br />",$errors);
            print(
    $error_string);
            print(
    "<br />");
            print(
    "<a href='reset_password.php'>Please try again.</a>");
            exit(
    0);
         }
    }

    ?>
    Do you know what the issue could be?

    Kind regards,

    LC.

  4. #34
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,426
    Thanks
    62
    Thanked 535 Times in 522 Posts
    I can't see anything obvious with the email code.. IF you got two emails and made no changes to the script and they stopped coming through then its quite likely to be a spam filter thats decided to kick in somewhere.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  5. #35
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    Ah my bad, they all seemed to come through at once. I've retrieved the url values with $_GET and now I just need to write the reset pass form and check it all with the php. I'll keep you updated.

    P.S - at the bottom of every email there is this line:

    Spam Filtered (11240271)

    What does that mean?

    Regards,

    LC.

  6. #36
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,426
    Thanks
    62
    Thanked 535 Times in 522 Posts
    It means that somewhere its been through a spam filter and that is the reference number.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  7. #37
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    Ok thanks.

    So I have created the page where they enter their new pass. I have successfully retrieved the values from the URL.

    When they enter their new password, do I select the record by the id, check that the key from the url matches the key in that row, if it does then update the password field with the new password, if not then print an error?

    Kind regards,

    LC.

  8. #38
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,426
    Thanks
    62
    Thanked 535 Times in 522 Posts
    LC,

    Have a bit more confidence in yourself. We've been over the logic flow already.

    You'll be fine
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  9. #39
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    Ok so I ceated the page which the user clicks to reset thier password. I have this php block at the very top of my script:

    PHP Code:
    <?php

    global $id;
    global 
    $uniq;

    $id $_GET['id'];
    $uniq $_GET['unique'];

    echo 
    $id."<br />";
    echo 
    $uniq;

    ?>
    This echo's out the correct values. I have stored them in global variables because I want to be able to use them within the action script of the new password form. When I try to echo out the variables inside the action form, no values are showing. Which is leading to my error of 0 rows being affected...

    I used globals in the past and they worked ok. I also used them in the same way so not sure what could be wrong...

    Do you know what it could be?

    Regards,

    LC.

  10. #40
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,426
    Thanks
    62
    Thanked 535 Times in 522 Posts
    Quote Originally Posted by LearningCoder View Post
    When I try to echo out the variables inside the action form, no values are showing.
    Do you mean inside a function? If so then no they won't be available to you.

    The global keyword must be used inside the function not at the top of your main script.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  11. #41
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    I'm not using a function, I have my page which the user clicks from their email. When they get there, the values which were passed are saved. I echo them out just for test purposes. This works fine.

    But there is another form on that page where they enter their new password. The action file for that form is do_new_pass.php. This is where I am going to use them $_GET values and select the db using the id, and then check the 'reset' $_GET value against the DB 'reset' value and go from there...

    Do you know of a way in which I can use those $_GET values in my action file?

    I thought there was something different, I checked it out and in one of my other pages the global keyword is used with a function.

    Kind regards,

    LC.

  12. #42
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,426
    Thanks
    62
    Thanked 535 Times in 522 Posts
    Without seeing source code there isn't much I can say really.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  13. #43
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    Sorry I should have posted that initially...

    Here is the email which is sent to the user when they request to reset:
    PHP Code:
    //if this executes, database was updated with reset code. write email...
                  
    $to $email;
                  
    $subject "Demo-Central Reset Password."."\r\n";
                  
    $message "Hello ".$user."<br />\r\n";
                  
    $message .= "You have received this email because you have forgotten your password."."<br />\r\n";
                  
    $message .= "We have attached a link within the email which needs to be clicked in order to process"."<br />\r\n";
                  
    $message .= "your password reset. On this page you will be asked to enter your new password. Once you have done this"."<br />\r\n";
                  
    $message .= "you will then be able to login with your existing username and new password."."<br /><br />\r\n";
                  
    $message .= "<a href='htttp://www.labtec.0fees.net/DemorecSite/enter_new_pass.php?id={$id}&unique={$unique_id}'>Reset your password!</a><br /><br />";
                  
    $message .= "Kind regards,"."<br />\r\n";
                  
    $message .= "Demo-Central Administrator."."<br />\r\n";
                  
                  
    $headers = array();
                  
    $headers[] = "MIME-Version: 1.0";
                  
    $headers[] = "Content-type: text/html; charset=iso-8859-1";
                  
    $headers[] = "From: Demo-Central Admin <admin@demo-central.com>";
                  
    $headers[] = "Bcc: JJ Chong <bcc@domain2.com>";
                  
    $headers[] = "Reply-To: Recipient Name <receiver@domain3.com>";
                  
    $headers[] = "Subject: {$message}";
                  
    $headers[] = "X-Mailer: PHP/".phpversion();
          
                  if(
    mail($to,$subject,$messageimplode("\r\n",$headers))){
                     echo 
    "You will be emailed shortly with further instructions on resetting your password.<br />";
                     echo 
    "Please follow the <a href='index.php'>link</a> to the homepage.";
                     exit(
    0);
                  }
                  else{
                     echo 
    "There was an error sending your reset email.<br />";
                     echo 
    "Please contact the site administrator at flipmodeskwaud@hotmail.co.uk to report the problem.<br />";
                     echo 
    "Follow the link to the <a href='index.php'>homepage</a>.";
                     exit(
    0);
                  } 
    As you can see there is a link which hold two values, here is the source code for that page, enter_new_pass.php:
    PHP Code:
    <?php

    global $id;
    global 
    $uniq;

    $id $_GET['id'];
    $uniq $_GET['unique'];

    echo 
    $id."<br />";
    echo 
    $uniq;

    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
        
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
       <title>Demo-Central New Password</title>
       <meta http-equiv="content-type" content="text/html;charset=UTF-8" />
       <script type="text/javascript" src="javascripts/advert.js"></script>
       <link rel="stylesheet" type="text/css" href="css/stylesheet.css" />
       <link rel="stylesheet" type="text/css" href="css/fontface.css" />
       <link rel="stylesheet" type="text/css" href="css/menu.css" />
       <link rel="shortcut icon" type="image/x-icon" href="images/favicon.ico" />
    </head>
    <body onload="window_onload()">

    <div id="head">
       <img src="images/demo_banner_5_1.png" alt="DC Logo" title="Demo-Central" id="logo" border="0" />
       <?php if(!isset($_SESSION['username'])){?>
       <a href="login.php">Login</a>
       <a href="register.php">Register</a>
       <a href="reset_password.php">Reset Password</a>
       <?php } else{ ?>
       <a href="logout.php">Logout</a>
       <?php ?>
    </div>

    <div id="menu_div">
        <div id='cssmenu'>
            <ul>
                <li class='active '><a href='index.php'><span>Home</span></a></li>
                <li class='has-sub '><a href='#'><span>Games</span></a>
            <ul>
                <li><a href='gamelist.php'><span>Game List</span></a></li>
                <li><a href='files.php'><span>Files</span></a></li>
            </ul>
                </li>
                <li><a href='members.php'><span>Members</span></a></li>
                <li><a href=''><span>Forums</span></a></li>
                <li><a href='contact.php'><span>Contact</span></a></li>
                <li><a href='challenges.php'><span>Challenges !</span></a></li>
                <?php if(isset($_SESSION['username'])){ 
                         echo 
    "<li><a href='membersarea.php'>Members Area</a></li>";
                      } 
                
    ?>
            </ul>
        </div>
        
        <form action="search.php" method="post" name="search_form">
           <input type="text" name="search" size="20" maxlength="60" />
           <input type="submit" name="submit" value="Search" />
        </form>
    </div>

    <div id="page_src_div">
    <?php
    $crumbs 
    explode("/",$_SERVER["REQUEST_URI"]);
    foreach(
    $crumbs as $crumb){
        echo 
    "<strong>";
        echo 
    ucfirst(str_replace(array(".php","_"),array(""," "),$crumb) . ' &gt; ');
        echo 
    "</strong>";
    }
    ?>
    </div>

    <div id="content">

       <p id="welcome">Welcome to the <span class="red">Demo-Central</span> new password page.</p>
       <hr id="welcome_hr" noshade="noshade" />

       <form action="do_new_pass.php" method="post">
          <fieldset>
             <legend>Enter New Password</legend>
             <p><label for="password">New Password:</label><input type="password" name="password" id="password" /></p>
             <p><input type="submit" name="submit" value="Change Password" /><input type="reset" name="reset" value="Clear" /></p>
          </fieldset>
       </form>

    </div>

    <div id="footer">

    <h3 id="useful_link_header">Useful Links:</h3>
    <h3 id="internal_link_header">Internal Links:</h3>

    <ul id="first_ul">
       <li><a href="http://www.gamebanana.com" target="_blank">GameBanana</a></li>
       <li><a href="http://www.cstrike-planet.com" target="_blank">CStrike-Planet</a></li>
       <li><a href="http://uk.gamespy.com/" target="_blank">GameSpy</a></li>
       <li><a href="http://store.steampowered.com/" target="_blank">Steam</a></li>
       <li><a href="http://tpuc.org/" target="_blank">TPUC.org</a></li>
    </ul>

    <ul id="second_ul">
       <li><a href="http://www.chess.com/" target="_blank">Chess.com</a></li>
       <li><a href="http://download.deusexnetwork.com/" target="_blank">Deus Ex File Archive</a></li>
       <li><a href="http://www.teamspeak.co.uk/" target="_blank">Teamspeak</a></li>
       <li><a href="http://www.mirc.com/" target="_blank">mIRC</a></li>
       <li><a href="http://www.wampserver.com/en/" target="_blank">WAMP</a></li>
    </ul>

    <ul id="third_ul">
       <li><a href="index.php">Home</a></li>
       <li><a href="files.php">Files</a></li>
       <li><a href="members.php">Members</a></li>
       <li><a href="challenges.php">Challenges!</a></li>
       <li><a href="contact.php">Contact Us</a></li>
    </ul>

    <div id="adverts">
       <a href="http://z3.invisionfree.com/HunterKillerz/index.php?act=idx" name="advertLink" target="_blank">
          <img src="images/AdvertImage1.jpg" alt="adverts" name="imgAdvert" class="adverts" border="0" />
       </a>
    </div>

    <p>2012 &copy; Demo-Central.com<br />
       Site design by<br /><span>Thomas S.P</span></p>

    </div>
    </body>
    </html>
    As you can see I retrieve the values and at this point, they echo out fine. The form on this page goes into a file called do_new_pass.php, which is here:
    PHP Code:
    <?php

    echo $id."<br />";
    echo 
    $uniq;

    $con = new mysqli("localhost","root","","demo_central");

    $stmt $con->prepare("SELECT * FROM members WHERE id=? AND reset=?");
    $stmt->bind_param("is",$id,$uniq);
    $stmt->bind_result($id,$user,$pass,$email,$join_date,$hash,$reset);
    $stmt->execute();
    $stmt->store_result();
    $stmt->fetch();
    echo 
    $user;

    ?>
    The statement isn't returning a value. No num_rows or affected_rows values apart from 0.

    It is clearly something to do with those global variables because they do not echo out in this action script. Is there a way I can get them there?

    Regards,

    LC.

  14. #44
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,426
    Thanks
    62
    Thanked 535 Times in 522 Posts
    You're confused as to what globals are.

    Global values are for use in a script that may require access to a value out of its scope but within that instance of the script:
    PHP Code:
    $Value 'foobar';

    function 
    test()
       {
       print 
    $Value//Error - undefined variable type message
       
    }

    function 
    test2()
       {
       global 
    $Value;
       print 
    $Value//Successful
       
    }

    test();//Error
    test2();//Success 
    What you want to be using is SESSIONS. Sessions are remembered between scripts. To start or resume a session you use session_start. To store anything in the session or access a session value you use the $_SESSION array.

    enter_new_pass.php:
    PHP Code:
    session_start(); //You MUST use this in every script that accesses a users session

    $id $_GET['id'];
    $uniq $_GET['unique'];

    $_SESSION['id'] = $id;
    $_SESSION['uniq'] = $uniq
    do_new_pass.php:
    PHP Code:
    session_start();

    $id $_SESSION['id'];
    $uniq $_SESSION['uniq'];

    print 
    "$id, $uniq"
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  15. #45
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    924
    Thanks
    76
    Thanked 29 Times in 29 Posts
    Ah I did remember sessions and knew they held values between pages but didn't want to use them.

    Here is my code:
    PHP Code:

    <?php
    session_start
    ();

    $id $_SESSION['id'];
    $uniq $_SESSION['uniq']; 

    $con = new mysqli("localhost","root","","demo_central");

    $stmt $con->prepare("SELECT * FROM members WHERE id=? AND reset=?");
    $stmt->bind_param("is",$id,$uniq);
    $stmt->bind_result($id,$user,$pass,$email,$join_date,$hash,$reset);
    $stmt->execute();
    $stmt->store_result();
    $a_rows $stmt->affected_rows;

    if(
    $a_rows == 1){
       
    $stmt->fetch();//fetch all of the users data from their row...
       
       
    $new_pass mysqli_real_escape_string($con,$_POST['password']);
       
       
    $hashed sha1($hash.$new_pass.$hash);
       
       
    $stmt $con->prepare("UPDATE members SET password=? WHERE reset=?");
       
    $stmt->bind_param("ss",$hashed,$uniq);
       
    $stmt->execute();
       
    $stmt->store_result();
       
    $a_rows $stmt->affected_rows;
       
       if(
    $a_rows == 1){
          
    $null NULL;
          
    $con mysqli_query("UPDATE members SET reset='{$null}' WHERE reset='{$reset}'");
       
          print(
    "You have successfully changed your password.");
          print(
    "Please return to the <a href='login.php'>login</a> page.");
          exit(
    0);
       }
       else{
          print(
    "There was an error changing your password.");
          exit(
    0);
       }
       
       
    }
    else{
       print(
    "Error with the query. No match found for resetting.<br />");
       print(
    "Please contact the site administrator at flipmodeskwaud@hotmail.co.uk to report the problem.<br />");
       print(
    "Please click the link to return to the <a href='reset_password.php'>homepage</a>.");
       exit(
    0);
    }


    ?>
    I am wondering, how do I set the reset column value back to NULL? As you can see I tried creating a variable and using that but it just 'empties' the reset column. It's not NULL as such, but it has no value.

    Do you know how I can get that row's reset column back to the initial NULL value?

    Regards,

    LC.


 
Page 3 of 6 FirstFirst 12345 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •