Recovered passwords do not update in database.

Anonymous
timer Asked: Aug 18th, 2013
account_balance_wallet $5

Question Description

Hey.

I have this php code if the user forgets the password, he needs to enter his email to login. It successfully sends an email with a new random generated password. But when the user logins with the new password. It doesn't login. You have to use your old password. The new password does not update in the database. What is the problem here? 

<?php if(isset($_POST['submit']) && $inLoggad == false){

//storing the posted info in variables

$email = mysql_real_escape_string($_POST['email']);

$exist = mysql_fetch_array( mysql_query("SELECT * FROM anvandare WHERE email='$email' LIMIT 1") );

if($exist['email'] == $email){

//creating a new generated password for the user, if the user has forgotten

$newPwd = genPassword();

$newHashPwd = md5($newPwd);

//send the new generated password via email of the user

$message = "Hello " . $exist['anvandarnamn'] . ". Your new password is: " . $newPwd;

$mailheader = "From: HighPload";  

$mailheader .= "Reply-To: noreply@noreply.com";  

$mailheader .= "Content-type: text/html; charset=iso-8859-1\r\n"; 

mail($exist['email'],  "Highpload - Your new password has arrived!", $message, $mailheader) or die($fail = true); 

//Updating the new password in the dB

if($fail != true){

mysql_query("UPDATE anvandare SET password='$newHashPwd' WHERE email='$email' ");

}

}else {

$showErrors = true;

}

}

elseif($inLoggad == true) {

print '<script>window.location = "index.php"</script>';

}

?>


Thanks.

Tutor Answer

Knowlez
School: Boston College

The problem lies in with your database. How many layers does does your database have? i guess its user name and password, but how about the new password? Ill advise that you look on your code and specifically block of code which performs operations on the database. It seems like the old password is still retained,doesn't update as the new password is generated.

If a new password is generated_then. This is probably the command that can resolve the problem of the password being updated.

Look forward to your feedback

flag Report DMCA
Review

Anonymous
Thank you! Reasonably priced given the quality not just of the tutors but the moderators too. They were helpful and accommodating given my needs.

Brown University





1271 Tutors

California Institute of Technology




2131 Tutors

Carnegie Mellon University




982 Tutors

Columbia University





1256 Tutors

Dartmouth University





2113 Tutors

Emory University





2279 Tutors

Harvard University





599 Tutors

Massachusetts Institute of Technology



2319 Tutors

New York University





1645 Tutors

Notre Dam University





1911 Tutors

Oklahoma University





2122 Tutors

Pennsylvania State University





932 Tutors

Princeton University





1211 Tutors

Stanford University





983 Tutors

University of California





1282 Tutors

Oxford University





123 Tutors

Yale University





2325 Tutors