Hey,
Ok I'm setting up a password changing system for users. Now this is the problem:
When I enter in my ID number, my old password, my new password and a confirmation of my new password it changes it in the database, but outputs the wrong error message. It says the password I have entered as my old one does not match the record in the database. It should say, password has been changed. Anyway, here is the code, can't see anything wrong with it to be honest. Have been looking for an hour now.
<?php
if ($formsubmit!="") { $formsubmit="";
include("my/access/data.inc.php");
$report = "";
mysql_connect ($SQLhost, $SQLuser, $SQLpass);
mysql_select_db ($SQLdb);
$res_access = mysql_query ("SELECT id, userid, password FROM users where userid='$id'");
$num_access = mysql_num_rows ($res_access);
if ($num_access==0)
{ $report = "Your ID could not be found."; }
else
{
$db_password = mysql_result ($res_access,0,"password");
if ($db_password!=$pass_old)
{
$report = "The password that you have entered does not match the record in our database.";
}else{
if ($pass_new != $pass_new2) {
$report = "The new passwords you have entered do not match.";
}else{
$report = "Your password has been altered as requested.";
mysql_query ("UPDATE users SET password='$pass_new' WHERE userid='$id'");
}
}
}
}
?>
This is how I am outputting my error messages on the web page:
<?php
if ($report!="") { echo "<p class='Normal' align='justify'><b><font color='red'>Error:</font></b> <font color='red'> $report </font></p>"; }
?>
Anyone got any clues? I'm all out of ideas.
Cheers,
Chris
