1

The first part of this code works fine, I just can't seem to get the else statment working for when if ($row[password] == $password_hash) is false. I'm sure I only have a small error somewhere but just can't seem to find it.

list ($sessionname) = checkuser();
if (isset($_POST['save'])){

connect();

$currentpass = sha1($_POST['password']);
$newpass = sha1($_POST['password1']);

$sql = "SELECT password FROM members WHERE username = '$sessionname'";
    $result=mysql_query($sql);
    $row = mysql_fetch_array($result);

        if ($row['password'] == $currentpass)

    $query = mysql_query("UPDATE members SET password = '$newpass' WHERE username = '$_SESSION[username]'");
            $updated = "Your password has been updated";
               print_r($row);
        }else{
    $a = "Passwords do not match";
    return $b;
        }
}
Improve this question
6
  • 5
    Please indent your code correctly. Commented Sep 4, 2011 at 16:42
  • What error, if any do you get? Also, echo out your SQL statements and display MySQL errors. Commented Sep 4, 2011 at 16:42
  • 1
    Indent your code properly for better readability :) Commented Sep 4, 2011 at 16:43
  • You must get at least one "undefined index" notice. If you don't, you need to configure your PHP installation to display errors. Commented Sep 4, 2011 at 16:44
  • 1
    If you start to indent your code correctly, you will notice your problem pretty fast. As @Herbert stated in his answer, you are missing the opening curly brace. Commented Sep 4, 2011 at 20:50

3 Answers 3

Reset to default
2

You're missing an opening curly brace after the if statement.

if ($row['password'] == $currentpass) {
    $query = mysql_query("UPDATE members SET password = '$newpass' WHERE username = '$_SESSION[username]'");
    $updated = "Your password has been updated";
    print_r($row);
}else{
    $a = "Passwords do not match";
    return $b;
}

Notice the { after if ($row['password'] == $currentpass)

Without the brace (and no error reporting) it's skipping the query and showing the string “Your password has been updated”. That’s why the password doesn’t change in the database and why nothing else seems to work.

By the way:

ini_set('display_errors',1); 
error_reporting(E_ALL);

will turn on error reporting

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

thanks works perfectly. i noticed around 20mins after posting this.
2

Make sure MySQL is returning a result set, by using print_r($row); to debug code.

if ($row['password'] == $password_hash){

Hint: You should use quotes around string keys. If you leave out the quotes, PHP thinks it's a constant.

Read: "why is $foo[bar] wrong".

Improve this answer

15 Comments

PHP cares, believe me. It was just a friendly hint, not a solution. The real soluton is one below.
@NullUserException Just because it works does not mean you should use it that way. It WILL raise an error and it is NOT recommended (documentation).
@NullUserException: I never said it was. I'm saying this third time in the row. Please read more carefully. Also thanks for providing a link into my answer.
@Rok: Then this should have been a comment. It is not an answer.
The OP said no matter what i input it always returns "your password has been updated"; there is a resultset being returned.
|
1

Your question is not very clear. What happens when you run the code? Did you try checking what both $password_hash and $row[password] are just before the conditional?

I'm pretty sure the problem does not lie in the missing quotes, I just tested it and it works fine, but they should be there anyway.

Improve this answer

3 Comments

i've added the quotes but issue is still the same.
it just always does the if statement and whether they == the same or not. And i always get the "Your password has been updated" instead of $a "passwords do not match
@John: No, that is not possible.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.