please help me... my password gets encrypted but not able to get in database

Posted on 16th Feb 2014 07:03 pm by admin

hai guys,
please help me... in the following function my password gets encrypted but not able to get in database.is any error in the query please help me......


<?php

$email = $_POST['username'];
$oldpass=$_POST['password'];
$newpass=$_POST['newpass'];
$conpass=$_POST['confirmpass'];

$encry_oldpass=md5($oldpass); //encrypting old password


$con = mysql_connect("localhost","root","");
mysql_select_db("content_management",$con);

$result=mysql_query("SELECT * FROM register_data WHERE eMail='".$email."' and password='".$encry_oldpass."' and isValidate=0 and isDelete=0");
$count=mysql_num_rows($result);

if((!empty($newpass)&&!empty($conpass))&&($newpass==$conpass)&&($count=='0'))
{
$encry_conpass=md5($conpass);//encrypting confirm password

$result2=mysql_query("UPDATE register_data SET password='$encry_conpass' WHERE eMail='".$email."' and password='".$encry_oldpass."' and isValidate=0 and isDelete=0");

echo "Password Chamged Successfully";
header("location:..............."); // redirect to login page

}

else
{
echo"Password Change Fails";
// header("location:..............."); // redirect to password change page
}
?>

Your Answer:

Login to answer

Other forums

Help with translating C code into assembler code
Hi im doing a project that moves a robot around a maze avoiding walls and need some help with conver

PHP Error
On my .php page I have a drop down box that has several names in it. When a user clicks the name &am

=> and <=
So I was digging through some code when I came across the <= operator. This is the first tim

How to have a log of all the status a VIM document had been ?
Hi guys,

I’m using SAP Invoice Management plugin and the /OPT/VIM_ANALYTICS transa

Help Optimizing code
Good Morning,

I wrote a small import function for a website of mine and I know there has to b

remove a ; from emails in textarea
Code: <?php

session_start();

$database_host = "localhost&qu

Dealing with code in db query
I am dealing with C code and I need to make sure it is encoded some how to ensure its integrity and

TimeStamp Column Problem...
I'm mad at my self and thinking I'm a little retarded. It just be some one mistake I'm missing here.

Will this protect from mysql injection?
I do not want anything like DROP TABLE to work or any type of coding..

Heres my code.. is it

mysql query with single quotes in a variable
$sitedetails = "INSERT INTO vars (address, sitename, description, ownername, theme) VALUES ('$u