What's new

Help I can't change the password

Status
Not open for further replies.

Alieson09

Forum Master
Joined
Aug 30, 2021
Posts
2,246
Solutions
27
Reaction
2,961
Points
5,606
I can't change the password

PHP:
<?php
session_start();
include('connect.php');
error_reporting(0);
if (strlen($_SESSION['vpmsaid']==0)) {
  header('location:logout.php');
  } else{
if(isset($_POST['submit']))
{
$adminid=$_SESSION['vpmsaid'];
$cpassword=md5($_POST['currentpassword']);
$newpassword=md5($_POST['newpassword']);
$query=mysqli_query($con,"select ID from tbladmin where ID='$adminid' and   Password='$cpassword'");
$row=mysqli_fetch_array($query);
if($row>0){
$ret=mysqli_query($con,"update tbladmin set Password='$newpassword' where ID='$adminid'");
echo '<script>alert("Your password successully changed.")</script>';
} else {

echo '<script>alert("Your current password is wrong.")</script>';
}



}

 
  ?>
<head>
    <title>BPMS - Change Password</title>
<script type="text/javascript">
function checkpass()
{
if(document.changepassword.newpassword.value!=document.changepassword.confirmpassword.value)
{
alert('New Password and Confirm Password field does not match');
document.changepassword.confirmpassword.focus();
return false;
}
return true;
}
</script>
</head>
<body>
   <?php include_once('includes/header.php');?>
   <?php include_once('includes/navbar.php');?>
        <div class="container">
                <div class="row">
                    <div class="col-lg-6">
                        <div class="card">                         
                        </div> <!-- .card -->
                    </div><!--/.col-->
                    <div class="col-lg-12">
                        <div class="card">
                            <div class="card-header">
                                <strong>Change </strong> Password
                            </div>
                            <div class="card-body card-block">
                                <form action="" method="post" enctype="multipart/form-data" class="user" name="changepassword" onsubmit="return checkpass();">
                                    <?php
$email=$_SESSION['bpmsaid'];
$row=mysqli_query($con,"select * from login where Email='$email'");
$cnt=1;
while ($row=mysqli_fetch_array($result)) {

?>
                                <div class="row form-group">
                                        <div class="col col-md-3"><label for="text-input" class=" form-control-label">Current Password</label></div>
                                        <div class="col-12 col-md-9"><input type="password" name="currentpassword" class=" form-control" required= "true" value=""></div>
                                    </div>
                                    <div class="row form-group">
                                        <div class="col col-md-3"><label for="email-input" class=" form-control-label">New Password</label></div>
                                        <div class="col-12 col-md-9"><input type="password" name="newpassword" class="form-control" value="" required="true"></div>
                                    </div>
                                    <div class="row form-group">
                                        <div class="col col-md-3"><label for="email-input" class=" form-control-label">Confirm Password</label></div>
                                        <div class="col-12 col-md-9"><input type="password" name="confirmpassword" class="form-control" value="" required="true"></div>
                                    </div>
                                    <?php } ?>
                                   <p style="text-align: center;"> <button type="submit" class="btn btn-primary btn-user btn-block" name="submit" >Change</button></p>
                                </form>
                            </div>                           
                        </div>                       
                    </div>
                    <div class="col-lg-6">                 
                </div>
            </div>
        </div><!-- .animated -->
    </div><!-- .content -->
</body>
</html>
    <?php
include('includes/scripts.php');
include('includes/footer.php');
?>
<?php }  ?>
PHP:
<?php
$host = "localhost";
$user = "root";
$password = "";
$db = "bpms2db";

session_start();

$data = mysqli_connect($host, $user, $password, $db);

if ($data === false) {
    die("connection error");
}

if (isset($_POST['login'])) {
    $email = $_POST["email"];
    $password = $_POST["password"];

    $sql = "select * from login where Email ='" . $email . "' AND password='" . $password . "' ";

    $result = mysqli_query($data, $sql);
    if($result) {
    if (mysqli_num_rows($result) == 1) {
        $row = mysqli_fetch_array($result);
        $data->close();

        if ($row["usertype"] == "user") {
            $_SESSION["email"] = $email;
            header("location:dashboarduser.php");
        } elseif ($row["usertype"] == "admin") {
            $_SESSION["email"] = $email;
            header("location:admin/index.php");
        } else {
            echo "<script>alert('email or password incorrect');</script>";
        }
    } else {
        echo "Query error: " . mysqli_error($data);
    }
}
}

?>
<!DOCTYPE html>
<html lang="en">

<head>

    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="description" content="">
    <meta name="author" content="">

    <title>BPMS - Login</title>

    <!-- Custom fonts for this template-->
    <link href="vendor/fontawesome-free/css/all.min.css" rel="stylesheet" type="text/css">
    <link
        href="https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i"
        rel="stylesheet">

    <!-- Custom styles for this template-->
    <link href="css/sb-admin-2.css" rel="stylesheet">
    
</head>

<body class="bg-gradient-primary">
    <header>
        <div class="logo">
        <p>Bicycle Parking Management System</p>
              </div>
      <nav>
        <ul>
          <li><a href="#" class="navf">Home</a></li>
          <li><a href="#" class="navf">About</a></li>
          <li><a href="#" class="navf">Services</a></li>
            </ul>
          </nav>
        </header>
    <div class="container">

        <!-- Outer Row -->
        <div class="row justify-content-center">

            <div class="col-xl-10 col-lg-12 col-md-9">

                <div class="card o-hidden border-0 shadow-lg my-5">
                    <div class="card-body p-0">
                        <!-- Nested Row within Card Body -->
                        <div class="row">
                            <div class="col-lg-6 d-none d-lg-block bg-login-image"></div>
                            <div class="col-lg-6">
                                <div class="p-5">
                                    <div class="text-center">
                                        <h1 class="h4 text-gray-900 mb-4">Welcome To BPMS !</h1>
                                    </div>
                                    <form class="user" method="POST">
                                        <div class="form-group">
                                            <input type="email" class="form-control form-control-user"
                                                id="exampleInputEmail" aria-describedby="emailHelp" name="email"
                                                placeholder="Email Address..." required="true">
                                        </div>
                                        <div class="form-group">
                                            <input type="password" class="form-control form-control-user"
                                                id="exampleInputPassword" placeholder="Password" name="password" required="true">
                                        </div>
                                        <div class="form-group">
                                            <div class="custom-control custom-checkbox small">
                                                <input type="checkbox" class="custom-control-input" id="customCheck">
                                                <label class="custom-control-label" for="customCheck">Remember
                                                    Me</label>
                                            </div>
                                        </div>
                                        <button type="submit" name="login" class="btn btn-primary btn-user btn-block">
                                            Login
                                        </button>
                                        <hr>
                                    </form>
                                    <hr>
                                    <div class="text-center">
                                        <a class="small" href="forgotpassword.php">Forgot Password?</a>
                                    </div>
                                    <div class="text-center">
                                        <a class="small" href="signup.php">Create an Account!</a>
                                    </div>
                                </div>
                            </div>
                        </div>
                    </div>
                </div>

            </div>

        </div>

    </div>

    <!-- Bootstrap core JavaScript-->
    <script src="vendor/jquery/jquery.min.js"></script>
    <script src="vendor/bootstrap/js/bootstrap.bundle.min.js"></script>

    <!-- Core plugin JavaScript-->
    <script src="vendor/jquery-easing/jquery.easing.min.js"></script>

    <!-- Custom scripts for all pages-->
    <script src="js/sb-admin-2.min.js"></script>

</body>

</html>
SQL:
-- phpMyAdmin SQL Dump
-- version 5.2.0
-- https://www.phpmyadmin.net/
--
-- Host: 127.0.0.1
-- Generation Time: Apr 21, 2023 at 01:50 PM
-- Server version: 10.4.27-MariaDB
-- PHP Version: 8.2.0

SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
START TRANSACTION;
SET time_zone = "+00:00";


/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8mb4 */;

--
-- Database: `bpms2db`
--

-- --------------------------------------------------------

--
-- Table structure for table `login`
--

CREATE TABLE `login` (
  `ID` int(11) NOT NULL,
  `FullName` varchar(150) NOT NULL,
  `RegAddress` varchar(150) NOT NULL,
  `MobileNumber` bigint(10) NOT NULL,
  `Email` varchar(120) NOT NULL,
  `password` varchar(120) NOT NULL,
  `RegDate` timestamp NOT NULL DEFAULT current_timestamp(),
  `usertype` varchar(50) NOT NULL DEFAULT 'user'
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;

--
-- Dumping data for table `login`
--

INSERT INTO `login` (`ID`, `FullName`, `RegAddress`, `MobileNumber`, `Email`, `password`, `RegDate`, `usertype`) VALUES
(1, 'John Doe', 'Rizal', 9563321234, 'jm@example.com', 'password123', '2023-04-13 01:22:32', 'admin'),
(2, 'Alie Son', 'Pasig City', 9567741506, 'alie@example.com', 'password123', '2023-04-13 01:22:32', 'user'),
(3, 'Janna Ang', 'Pasig City', 9455082124, 'Janna@example.com', 'Password123', '2023-04-13 01:25:15', 'user'),
(4, 'Ella Ang', 'Pasig CIty', 9764563213, 'Ella@example.com', 'password123', '2023-04-15 16:53:42', 'user'),
(5, 'Nath Ang', 'Pasig City', 9764545454, 'Nath@example.com', 'pass', '2023-04-16 04:45:53', 'user'),
(6, 'Tim Ang', 'Pasig City', 9898985445, 'tim@example.com', 'pasas', '2023-04-16 04:50:20', 'user'),
(7, 'hanna ang', 'Pasig City', 9564982333, 'hanna@example.com', 'pasassadsadas', '2023-04-16 04:53:44', 'user');

--
-- Indexes for dumped tables
--

--
-- Indexes for table `login`
--
ALTER TABLE `login`
  ADD PRIMARY KEY (`ID`),
  ADD KEY `MobileNumber` (`MobileNumber`);

--
-- AUTO_INCREMENT for dumped tables
--

--
-- AUTO_INCREMENT for table `login`
--
ALTER TABLE `login`
  MODIFY `ID` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=8;
COMMIT;

/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
 
Based on the code you provided, it seems that there are two separate issues: one related to changing the password and another one related to logging in.

Regarding the issue with changing the password, the code you shared looks correct and should work fine, assuming that the database connection is correctly set up and that the table name and column names match the ones in the code. However, it's difficult to determine the exact issue without the error message or symptoms you are experiencing. Some potential reasons why the password change functionality may not be working include:

  • Authentication issues: If the session variables are not properly set or the user is not authenticated, the password change functionality will not work. Make sure that the session variables are correctly set and that the user is authenticated before attempting to change the password.
  • Database connectivity issues: If the database connection is broken or the table/column names do not match the ones in the code, the password change functionality will not work. Ensure that the database connection is correctly set up and that the table/column names match the ones in the code.
  • Password hashing issues: If the password hashing algorithm is not working properly, the password change functionality will not work. Make sure that the password hashing algorithm is working correctly and that the new password is hashed properly before storing it in the database.

Regarding the issue with logging in, the code seems to be missing the SQL injection prevention measures, which may lead to security vulnerabilities. You should consider using prepared statements or input validation to prevent SQL injection attacks. Additionally, it's unclear what the exact issue with the login functionality is. If you could provide more details or error messages, I could try to help you further.
 
Ts napansin ko lang yung mga thread mo hehe. Pwede mo po-i quote yung sagot sayo ng bot para makapag tanong ka po ulit and automatic pa rin po sasagot si bot hehe.
 
Status
Not open for further replies.

Similar threads

Back
Top