php - cant update password in mysql db and how to insert confirm password in register page -
i having 2 problem in programming. 1)cant update password in mysql db.
change_password.php
<?php session_start(); require_once 'class.user.php'; $user_home = new user(); ?> <!doctype html public "-//w3c//dtd html 3.2//en"> <html> <head> <title>(type title page here)</title> </head> <body> <?php ///////collect form data ///// if(isset($_post['btn-signup'])) { $password=$_post['password']; $password2=$_post['password2']; $old_password=$_post['old_password']; ///////////////////////// $stmt = $user_home->runquery("select * registered_users userid=:uid"); $stmt->execute(array(":uid"=>$_session['usersession'])); $row = $stmt->fetch(pdo::fetch_assoc); if($row['password']<>md5($old_password)){ echo"your old password not matching per our record.<br>"; echo"no same pass"; } if ( $password <> $password2 ){ $msg=$msg."both passwords not matching<br>"; echo "new pass not same"; $password=md5($password); $stmt = $this->conn->prepare("update registered_users set password=:password email:email"); $stmt->bindparam(":password",$password); if($stmt->execute()){ echo "<font face='verdana' size='2' ><center>thanks <br> password changed successfully. please keep changing password better security</font></center>"; }else{echo "<center>sorry <br> failed change password contact site admin</font></center>"; } // end of if else if updation of password successful } // end of if else todo } ?> </body> <form method="post"> <input type="password" name="old_password" placeholder="old pass" /> <input type="password" name="password" placeholder="opassword" /> <input type="password" name="password2" placeholder="password2" /> <button class="btn btn-large btn-primary" type="submit" name="btn-signup">sign up</button> </form> </html> output
your old password not matching per our record. no same pass old pass <text fill> password <text fill> password2 <text fill> sign <button> 2)how insert confirm password fill in register page. user enter same password again can check same signup.php
<?php session_start(); require_once 'class.user.php'; $reg_user = new user(); if($reg_user->is_logged_in()!="") { $reg_user->redirect('index.php'); } if(isset($_post['btn-signup'])) { $salutation = $_post['salutation']; $fullname = $_post['fullname']; $nric = $_post['nric']; $gender = $_post['gender']; $dateofbirth = $_post['dateofbirth']; $mobilenumber = $_post['mobilenumber']; $email = $_post['email']; $password = $_post['password']; $address = $_post['address']; $postalcode = $_post['postalcode']; $serialnumber = md5(uniqid(rand())); $stmt = $reg_user->runquery("select * registered_users email=:email_id"); $stmt->execute(array(":email_id"=>$email)); $row = $stmt->fetch(pdo::fetch_assoc); if($stmt->rowcount() > 0) { $msg = " <div class='alert alert-error'> <button class='close' data-dismiss='alert'>×</button> <strong>sorry !</strong> email allready exists , please try 1 </div> "; } else { if($reg_user->register($salutation,$fullname,$nric,$gender,$dateofbirth,$mobilenumber,$email,$password,$address,$postalcode,$serialnumber)) { $id = $reg_user->lasdid(); $key = base64_encode($id); $id = $key; $message = " dear $salutation $fullname, <br /><br /> thank registering us!<br/> complete registration please , click following link<br/> <br /><br /> <a href='http://localhost:8080/xampp/bicycletheft/test5/php/verify.php?id=$id&serialnumber=$serialnumber'>click here activate :)</a> <br /><br /> thanks,<br/> <br /> site admin"; $subject = "confirm registration"; $reg_user->send_mail($email,$message,$subject); $msg = " <div class='alert alert-success'> <button class='close' data-dismiss='alert'>×</button> <strong>success!</strong> we've sent email $email. please click on confirmation link in email create account. </div> "; } else { echo "sorry , query no execute. pleae go nearest npc register."; } } } ?> <!doctype html> <html> <head> <title>signup</title> <!-- bootstrap css --> <link href="../css/bootstrap.min.css" rel="stylesheet"> <link href="../css/bootstrap-theme.min.css" rel="stylesheet"> <link rel="stylesheet" href="../css/newfile.css" type="text/css"> </head> <body> <script src="../js/jquery-1.12.3.min.js"></script> <script src="../js/bootstrap.min.js"></script> <?php include 'navbar.php'; ?> <?php if(isset($msg)) echo $msg; ?> <div class="padding"> <form class="form-signin" method="post"> <h2 class="form-signin-heading">sign up</h2><hr /> <table> <tr> <td>salutation</td> <td><select name="salutation"> <option value="dr">dr</option> <option value="mr">mr</option> <option value="mrs">mrs</option> <option value="ms">ms</option> <option value="madam">madam</option> </select> </td> </tr> <tr> <td>full name (as in nric):</td> <td><input type="text" class="input-block-level" placeholder="full name" name="fullname" required /></td> </tr> <tr> <td>nric:</td> <td><input type="text" class="input-block-level" placeholder="s1234567a" name="nric" required /></td> </tr> <tr> <td>gender:</td> <td><input type="radio" name="gender" value="male">male <input type="radio" name="gender" value="female">female</td> </tr> <tr> <td>date of birth:</td> <td><input type="date" class="input-block-level" name="dateofbirth" required /></td> </tr> <tr> <td>mobile nume:</td> <td><input type="text" class="input-block-level" placeholder="91234567" name="mobilenumber" required /></td> </tr> <tr> <td>email address:</td> <td><input type="email" class="input-block-level" placeholder="abc@example.com" name="email" required /></td> </tr> <tr> <td>password:</td> <td><input type="password" class="input-block-level" placeholder="password" name="password" required /></td> </tr> <tr> <td>address:</td> <td><input type="text" class="input-block-level" placeholder="address" name="address" required /></td> </tr> <tr> <td>postal code:</td> <td><input type="text" class="input-block-level" placeholder="postalcode" name="postalcode" required /></td> </tr> </table> <button class="btn btn-large btn-primary" type="submit" name="btn-signup">sign up</button> </form> </div> </body> </html> class.user.php
<?php require_once 'dbconfig.php'; class user { private $conn; public function __construct() { $database = new database(); $db = $database->dbconnection(); $this->conn = $db; } public function runquery($sql) { $stmt = $this->conn->prepare($sql); return $stmt; } public function lasdid() { $stmt = $this->conn->lastinsertid(); return $stmt; } public function register($salutation,$fullname,$nric,$gender,$dateofbirth,$mobilenumber,$email,$password,$address,$postalcode,$serialnumber) { try { $password = md5($password); $stmt = $this->conn->prepare("insert registered_users(salutation,fullname,nric,gender,dateofbirth,mobilenumber,email,password,address,postalcode,serialnumber) values(:salutation,:fullname,:nric,:gender,:dateofbirth,:mobilenumber,:email,:password,:address,:postalcode,:serialnumber)"); $stmt->bindparam(":salutation",$salutation); $stmt->bindparam(":fullname",$fullname); $stmt->bindparam(":nric",$nric); $stmt->bindparam(":gender",$gender); $stmt->bindparam(":dateofbirth",$dateofbirth); $stmt->bindparam(":mobilenumber",$mobilenumber); $stmt->bindparam(":email",$email); $stmt->bindparam(":password",$password); $stmt->bindparam(":address",$address); $stmt->bindparam(":postalcode",$postalcode); $stmt->bindparam(":serialnumber",$serialnumber); $stmt->execute(); return $stmt; } catch(pdoexception $ex) { echo $ex->getmessage(); } } public function registerbike($userid,$typeofbike,$brand,$model,$colour,$remarks,$serialnumber,$final_file,$folder) { try { $stmt = $this->conn->prepare("insert bike_tbl (userid,typeofbike,brand,model,colour,remarks,serialnumber,file,location) values(:userid,:typeofbike,:brand,:model,:colour,:remarks,:serialnumber,:file,:location)"); $stmt->bindparam(":userid",$userid); $stmt->bindparam(":typeofbike",$typeofbike); //$stmt->bindparam(":otherbike",$otherbike); $stmt->bindparam(":brand",$brand); $stmt->bindparam(":model",$model); $stmt->bindparam(":colour",$colour); //$stmt->bindparam(":usedbike",$usedbike); $stmt->bindparam(":remarks",$remarks); $stmt->bindparam(":serialnumber",$serialnumber); $stmt->bindparam(":file",$final_file); $stmt->bindparam(":location",$folder); $stmt->execute(); return $stmt; } catch(pdoexception $ex) { echo $ex->getmessage(); } } public function updateuser($fullname,$mobilenumber,$password,$address,$postalcode,$email) { try { $password = md5($password); $stmt = $this->conn->prepare("update registered_users set fullname=:fullname,mobilenumber=:mobilenumber,password=:password,address=:address,postalcode=:postalcode email=:email"); // $stmt->execute(array(":email"=>$email)); // $userrow=$stmt->fetch(pdo::fetch_assoc); $stmt->bindparam(":email",$email); $stmt->bindparam(":fullname",$fullname); $stmt->bindparam(":mobilenumber",$mobilenumber); $stmt->bindparam(":password",$password); $stmt->bindparam(":address",$address); $stmt->bindparam(":postalcode",$postalcode); $stmt->execute(); return $stmt; } catch(pdoexception $ex) { echo $ex->getmessage(); } } public function login($email,$password) { try { $stmt = $this->conn->prepare("select * registered_users email=:email_id"); $stmt->execute(array(":email_id"=>$email)); $userrow=$stmt->fetch(pdo::fetch_assoc); if($stmt->rowcount() == 1) { if($userrow['userstatus']=="y") { if($userrow['password']==md5($password)) { $_session['usersession'] = $userrow['userid']; return true; } else { header("location: index.php?error1"); exit; } } else { header("location: index.php?inactive"); exit; } } else { header("location: index.php?error2"); exit; } } catch(pdoexception $ex) { echo $ex->getmessage(); } } public function chgpass($currentpassword,$newpassword) { try { $stmt = $this->conn->prepare("select * registered_users email=:email_id"); $stmt->execute(array(":email_id"=>$email)); $userrow=$stmt->fetch(pdo::fetch_assoc); if($stmt->rowcount() == 1) { if($userrow['userstatus']=="y") { if($userrow['password']==md5($currentpassword)) { $_session['usersession'] = $userrow['userid']; $stmt = $this->conn->prepare("update registered_users set password=:newpassword email=:email"); $stmt->bindparam(":newpassword",$newpassword); return true; } else { header("location: index.php?error1"); exit; } } else { header("location: index.php?inactive"); exit; } } else { header("location: index.php?error2"); exit; } } catch(pdoexception $ex) { echo $ex->getmessage(); } } public function is_logged_in() { if(isset($_session['usersession'])) { return true; } } public function redirect($url) { header("location: $url"); } public function logout() { session_destroy(); $_session['usersession'] = false; } function send_mail($email,$message,$subject) { require_once('../mailer/class.phpmailer.php'); $mail = new phpmailer(); $mail->issmtp(); $mail->smtpdebug = 0; $mail->smtpauth = true; $mail->smtpsecure = "ssl"; $mail->host = "smtp.gmail.com"; $mail->port = 465; $mail->addaddress($email); $mail->username="abtmp16@gmail.com"; $mail->password="antibicycletheft16"; $mail->setfrom('abtmp16@gmail.com','muahammed ashik'); $mail->addreplyto("abtmp16@gmail.com","reply"); $mail->subject = $subject; $mail->msghtml($message); $mail->send(); } } ?>
you not binding second parameter :email.
corrected answer:
$stmt = $this->conn->prepare("update registered_users set password=:password email:email"); $stmt->bindparam(":password",$password); $stmt->bindparam(":email",$email); // line missing. 
Comments
Post a Comment