Help with Password Encoding/Decoding?


Posted on 16th Feb 2014 07:03 pm by admin

Trying to design a "change password" tool. On my signup code I'm using base64_encode, now I am trying to decode it on the change password screen and having issues. Yes I am very new to this.

I keep returning a fail response with this. Help?

Did you know?Explore Trending and Topic pages for more stories like this.
<?php

include("check_session.php");
include("online.php");
include("site.conf.php");
include("$base_dir/include/scTemplate.class.php");
include("$base_dir/include/timestamp.inc.php");
include("$base_dir/include/index.inc.php");
include("$base_dir/include/calendar.inc.php");
include("$base_dir/include/images.inc.php");


/****************************************************************
* open connection to mysql server *
****************************************************************/

$conn = mysql_connect($db_host, $db_user, $db_password);
mysql_select_db($db_name, $conn);



$sql = "select id from tbl_pm_message ";
$sql .= "where (id_to='$user_id') and (status='online') and

(flag='1')";

$result = mysql_query($sql);
$new_message = mysql_num_rows($result);




if (($old_password == "") || ($password1 == "") || ($password2 == "") ||

($password1 != $password2)) {
$error = "upt01";
}

else {

$old_password = base64_decode($old_password);
$password1 = base64_encode($password1);
$password2 = base64_encode($password2);



$sql = "select id from tbl_user where (id='$user_id') and

(code='$user_code') and ";
$sql .= "('$old_password') ";

$result = mysql_query($sql);
$rows = mysql_num_rows($result);

if ($rows > 0) {





$sql = "update tbl_user set ('$password1'),

status='active' ";
$sql .= "where (id='$user_id') and (code='$user_code')

";

$result = mysql_query($sql);

if ($result) {
$error = "";
}
else {
$error = "upt02";
}
}
else {
$error = "upt03";
}
}

/****************************************************************
* generate page *
****************************************************************/

$tpl = new scTemplate("$templates_dir/password_result.html");
$tpl->replace("SC_SI_BANNER", show_banner());
$tpl->replace("SC_SI_ADS", show_ads());
$tpl->replace("SC_SI_MENU", show_menu(1));
$tpl->replace("SC_SI_LOGO", show_logo());
$tpl->replace("SC_SI_RIGHTLOGO", show_rightlogo());
$tpl->replace("SC_SI_SEARCH", show_search());
$tpl->replace("SC_SI_NEWS", show_news());
$tpl->replace("SC_SI_MEMBER", show_member());
$tpl->replace("SC_SI_CALENDAR", show_calendar());
$tpl->replace("SC_SI_BOTTOM", show_bottom());
$tpl->replace("SC_SI_COPYRIGHT", show_copyright());

$tpl->replace("SC_USERNAME", $user_name);
$tpl->replace("SC_NEW", $new_message);


if ($error == "") {
$tpl->replace("SC_RESULT", "OK");
}
else {
$tpl->replace("SC_RESULT", "Failed");
}

$tpl->write();

?>
No comments posted yet

Your Answer:

Login to answer
328 Like 25 Dislike
Previous forums Next forums
Other forums

On page view, minus credit
Hello all, please, I need a little help with this script. I am charging one credit (credits can be p

shift numbers with paging
Hi

How would i be able to display 10 numbers 1 2 3 4 5 6 7 8 9 10
and when I click next

Binding 2 UDP sockets on same port, connected to different destinations, 1 receives
Hello,
My application wants to send/recv data to 2 different UDP ports on a remote computer, us

Schedule editor
Hi,

I have a question related to Schedule editor.
If we schedule a BLS for every 30

classic dynpro : hide area and auto adjust hights
Hi,

I want to develop a similar user interface as is used in standard transaction MIGO.

problems with php variables in mysql query
i can't seem to get the following query to work.

select $q1c from $vote_rate where id = $re

Error Messaging not working
I changed the way my form tells the user of an error. But I can't seem to get it to work properly.

PHP & Java
Hello,

can PHP code be used inside java code?

Code: [Select]<SCRIPT LANGUAGE=&q

How can use this array as a key?
Say I have this array for example:


print_r($array);

Prints:
Code: [Select]Array

is this the proper use of mysql_real_escape_string() to prevent sql injections?
i was wondering is this the proper use of mysql_real_escape_string() to prevent sql injections? any

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash