Help with Password Encoding/Decoding?
Posted on
16th Feb 2014 07:03 pm by
admin
Trying to design a "change password" tool. On my signup code I'm using base64_encode, now I am trying to decode it on the change password screen and having issues. Yes I am very new to this.
I keep returning a fail response with this. Help?
Did you know?Explore Trending and Topic pages for more stories like this.
<?php
include("check_session.php");
include("online.php");
include("site.conf.php");
include("$base_dir/include/scTemplate.class.php");
include("$base_dir/include/timestamp.inc.php");
include("$base_dir/include/index.inc.php");
include("$base_dir/include/calendar.inc.php");
include("$base_dir/include/images.inc.php");
/****************************************************************
* open connection to mysql server *
****************************************************************/
$conn = mysql_connect($db_host, $db_user, $db_password);
mysql_select_db($db_name, $conn);
$sql = "select id from tbl_pm_message ";
$sql .= "where (id_to='$user_id') and (status='online') and
(flag='1')";
$result = mysql_query($sql);
$new_message = mysql_num_rows($result);
if (($old_password == "") || ($password1 == "") || ($password2 == "") ||
($password1 != $password2)) {
$error = "upt01";
}
else {
$old_password = base64_decode($old_password);
$password1 = base64_encode($password1);
$password2 = base64_encode($password2);
$sql = "select id from tbl_user where (id='$user_id') and
(code='$user_code') and ";
$sql .= "('$old_password') ";
$result = mysql_query($sql);
$rows = mysql_num_rows($result);
if ($rows > 0) {
$sql = "update tbl_user set ('$password1'),
status='active' ";
$sql .= "where (id='$user_id') and (code='$user_code')
";
$result = mysql_query($sql);
if ($result) {
$error = "";
}
else {
$error = "upt02";
}
}
else {
$error = "upt03";
}
}
/****************************************************************
* generate page *
****************************************************************/
$tpl = new scTemplate("$templates_dir/password_result.html");
$tpl->replace("SC_SI_BANNER", show_banner());
$tpl->replace("SC_SI_ADS", show_ads());
$tpl->replace("SC_SI_MENU", show_menu(1));
$tpl->replace("SC_SI_LOGO", show_logo());
$tpl->replace("SC_SI_RIGHTLOGO", show_rightlogo());
$tpl->replace("SC_SI_SEARCH", show_search());
$tpl->replace("SC_SI_NEWS", show_news());
$tpl->replace("SC_SI_MEMBER", show_member());
$tpl->replace("SC_SI_CALENDAR", show_calendar());
$tpl->replace("SC_SI_BOTTOM", show_bottom());
$tpl->replace("SC_SI_COPYRIGHT", show_copyright());
$tpl->replace("SC_USERNAME", $user_name);
$tpl->replace("SC_NEW", $new_message);
if ($error == "") {
$tpl->replace("SC_RESULT", "OK");
}
else {
$tpl->replace("SC_RESULT", "Failed");
}
$tpl->write();
?>
