Tycoon Talk
Become a Big fish!
The number 1 forum for online business!
Post topics, ask questions, share your knowledge.
Tycoon Talk is part of Freelancer.com - find skilled workers online at a fraction of the cost.

PHP Forum


You are currently viewing our PHP Forum as a guest. Please register to participate.
Login


Tycoon Talk > Web Development and Programming Support > PHP Forum > Take a look at this ugly code.

Freelance Jobs

Reply
Take a look at this ugly code.
Old 06-30-2010, 09:15 PM Take a look at this ugly code.
Skilled Talker

Posts: 83
Trades: 0
Talkupation: Smudly is on a distinguished road
Currently I'm having troubles getting my Password validation to work properly for my profile page. The user is supposed to be able to change their password after typing in their password. It's currently giving me the error "Invalid Password" no matter what I type. Here is the code. Any help appreciated. (I'm not getting any sql errors)
PHP Code:
<?php
session_start();
include('inc/connect.php');

$username = isset($_SESSION['username']) ? $_SESSION['username'] : ''

$edit = (isset($_POST['edit']));
$passchange = (isset($_POST['passchange']));

if (!empty($username))

    //if user is logged in 

    $sql mysql_query("SELECT * FROM `users` WHERE `username`='$username'"); 
    $row mysql_fetch_assoc($sql); 

    $dbfname $row['fname']; 
    $dblname $row['lname']; 
    $dbemail $row['email']; 
    $dbpassword $row['password'];
    $password md5($_POST['password']); 
    
    $error "";
    
    if ($edit)
    {
    
        $fnamenew mysql_real_escape_string(strtolower(strip_tags($_POST['fname']))); 
        $lnamenew mysql_real_escape_string(strtolower(strip_tags($_POST['lname']))); 
        $emailnew mysql_real_escape_string(strip_tags($_POST['email'])); 
        
        $update "UPDATE `users` SET `fname`='$fnamenew', `lname`='$lnamenew', `email`='$emailnew' WHERE `username`='$username'";
        mysql_query($update);
        
    
    //////////// Email Validation ////////////
    function validEmail($email)
    {
       $isValid true;
       $atIndex strrpos($email"@");
       if (is_bool($atIndex) && !$atIndex)
       {
          $isValid false;
       }
       else
       {
          $domain substr($email$atIndex+1);
          $local substr($email0$atIndex);
          $localLen strlen($local);
          $domainLen strlen($domain);
          if ($localLen || $localLen 64)
          {
             // local part length exceeded
             $isValid false;
          }
          else if ($domainLen || $domainLen 255)
          {
             // domain part length exceeded
             $isValid false;
          }
          else if ($local[0] == '.' || $local[$localLen-1] == '.')
          {
             // local part starts or ends with '.'
             $isValid false;
          }
          else if (preg_match('/\\.\\./'$local))
          {
             // local part has two consecutive dots
             $isValid false;
          }
          else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/'$domain))
          {
             // character not valid in domain part
             $isValid false;
          }
          else if (preg_match('/\\.\\./'$domain))
          {
             // domain part has two consecutive dots
             $isValid false;
          }
          else if
        (!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/',
                         str_replace("\\\\","",$local)))
          {
             // character not valid in local part unless 
             // local part is quoted
             if (!preg_match('/^"(\\\\"|[^"])+"$/',
                 str_replace("\\\\","",$local)))
             {
                $isValid false;
             }
          }
          if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A")))
          {
             // domain not found in DNS
             $isValid false;
          }
       }
       return $isValid;
    }
    //////////// End Email Validation /////////
    
    
    
    $dbfname $fnamenew
    $dblname $lnamenew
    $dbemail $emailnew
    
    
    $success "Success!";
    
    }
    
    // Change Password
    if ($passchange)
    {
            if($password){
                
                if($password==$dbpassword){
                
                    $passwordnew md5($_POST['passwordnew']); 
                    $passwordconf md5($_POST['passwordconf']);
                    
                    if (isset($passwordnew) && !empty($passwordnew)){
                    
                        if (isset($passwordconf) && !empty($passwordconf)){
                            
                            if ($passwordnew==$passwordconf){
                                
                            $passupdate "UPDATE `users` SET `password`='$passwordnew' WHERE `username`='$username'";
                            mysql_query($passupdate);
                            
                            $passsuccess "Success!";
                                
                            }
                            else{
                                $error "Your passwords do not match!";
                            }
                        
                        }
                        else{
                            $error "Please type in your Confirmed Password!";
                        }
                     
                    }
                    else{
                        $error "Please type in your New Password!";
                    }
                
                }
                else{
                    $error "Invalid Password";
                }
        
        
        
            }
            else{
                $error "Please type in your Password!";
            }
    
    
    
    }
    
}

?>

<html> 
<head> 
<title>Profile</title> 


<script type="text/javascript" language="javascript">
function inputLimiter(e,allow) {
var AllowableCharacters = '';

if (allow == 'UserNameChar'){AllowableCharacters='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';}
if (allow == 'UsernameChar'){AllowableCharacters='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890';}

var k;

k=document.all?parseInt(e.keyCode): parseInt(e.which);

if (k!=13 && k!=8 && k!=0){

if ((e.ctrlKey==false) && (e.altKey==false)) {

return (AllowableCharacters.indexOf(String.fromCharCode(k))!=-1);

} else {

return true;

}

} else {

return true;

}

}

</script>
<style>
#container{
    width: 275px;
    margin-left: auto;
    margin-right: auto;
}
#profile{
    width: 222px;
    text-align: right;
    margin-left: auto;
    margin-right: auto;
    
}
#changepassword{
    width: 268px;
    text-align: right;
    margin-left: auto;
    margin-right: auto;
    
}
#centerpro{
    width: 60px;
    margin-left: auto;
    margin-right: auto;
}
#centerpas{
    width: 120px;
    margin-left: auto;
    margin-right: auto;
}
#center{
    width: 150px;
    margin-left: auto;
    margin-right: auto;
    text-align: center;
}
</style>
</head> 
<body> 
<div id="container">
<div id="profile">
    <h3 align="center">Profile</h3>
<form action="newprofile.php" method="POST"> 
    Username: <input type="text" value="<?php echo ucfirst($username); ?>" readonly="readonly"><br /> 
    First Name: <input type="text" maxlength="25" id="UserNameChar" onkeypress="return inputLimiter(event,'UserNameChar')" name="fname" value="<?php echo ucfirst($dbfname); ?>"><br /> 
    Last Name: <input type="text" maxlength="25" id="UserNameChar" onkeypress="return inputLimiter(event,'UserNameChar')" name="lname" value="<?php echo ucfirst($dblname); ?>"><br /> 
    Email: <input type="text" maxlength="64" name="email" value="<?php echo ucfirst($dbemail); ?>"><br />
    <div id="centerpro"><input type="submit" name="edit" value="Submit"></div>
    <div id="center"><?php echo $success?></div>
</div>    
    <br />
    <br />
<div id="changepassword">
    <h3 align="center">Change Password</h3>
    Password: <input type="password" maxlength="32" name="password"><br /><br /> 
    New Password: <input type="password" maxlength="32" name="passwordnew"><br /> 
    Confirm Password: <input type="password" maxlength="32" name="passwordconf"><br /> 
    <div id="centerpas"><input type="submit" name="passchange" value="Change Password"></div>
    <div id="center"><?php echo $passsuccess$error?></div>
</form> 
</div>
</div>
</body> 
</html>
Smudly is offline
Reply With Quote
View Public Profile
 
 
Register now for full access!
Old 06-30-2010, 11:22 PM Re: Take a look at this ugly code.
Extreme Talker

Posts: 173
Trades: 0
Talkupation: dgkindy is on a distinguished road
I like your code but was not able to spot any thing myself. Not sure what you are using to do your code with but I found an editor called CodeLobster that allows you to step through the code line by line which I find helpfull at time.
dgkindy is offline
Reply With Quote
View Public Profile
 
Reply     « Reply to Take a look at this ugly code.
 
Previous Thread | Next Thread Tycoon Talk > Web Development and Programming Support > PHP Forum > Take a look at this ugly code.

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off




   
RSS Feed  Feeds: RSS   JS   XML
RSS Feed  Feeds for this forum: RSS   JS   XML



Page generated in 0.10396 seconds with 12 queries