Eggie 0 Report post Posted February 5, 2008 While trying to make password recovery script for "bhupinunder" i run into a problem...i made this: <?php$dbh = mysql_connect('localhost','jaskaran_gc','gc') or die ("Cannot Connect: " . mysql_error());mysql_select_db('jaskaran_gc',$dbh);?><form method=post action=restore.php?recover=answer><?php print"Email:</td><td><input type=text name=email></td></tr>";?><P><INPUT TYPE=submit VALUE=Submit!></P></form><?phpif ($recover=answer) print"$email";?>and it doesn't print anything...but if i put it like this<?php$dbh = mysql_connect('localhost','jaskaran_gc','gc') or die ("Cannot Connect: " . mysql_error());mysql_select_db('jaskaran_gc',$dbh);?><form method=post action=restore.php?recover=answer><?php print"Email:</td><td><input type=text name=email></td></tr>";?><P><INPUT TYPE=submit VALUE=Validate it!></P></form><?phpif ($recover=answer) print"ssss";?> it just shows that form and prints ssss how do i make it that i type email and click submit that the email is stored in "$email"if someone help me with that i don't think that i'll have any problems storing it in mysql! pls respond Share this post Link to post Share on other sites
turbopowerdmaxsteel 0 Report post Posted February 5, 2008 email is the name of the field in the form, correct? Depending on the HTTP method of submission you are using for the form, you can retrieve the values as:-$_GET['email'] for GET method$_POST['email'] for POST method Share this post Link to post Share on other sites
Quatrux 4 Report post Posted February 5, 2008 It's one of the worst things I ever saw in a while, but anyway, I just fixed some things, it might work, I didn't test anything by myself, but I guess it should work, even though I think you're still learning and are just practicing, this is why I just fixed some stuff. <?php$dbh = mysql_connect('localhost','jaskaran_gc','gc') or die("Cannot Connect: " . mysql_error());mysql_select_db('jaskaran_gc',$dbh);?><form method="post" action="restore.php?recover=answer"><tr><td>Email:</td><td><input type="text" name="email"></td></tr><p><input type="submit" value="Submit!"></p></form><?phpif ($_GET['recover'] == 'answer') echo $_POST['email'];?> Share this post Link to post Share on other sites
Eggie 0 Report post Posted February 5, 2008 (edited) <?php$dbh = mysql_connect('localhost','jaskaran_gc','gc') or die("Cannot Connect: " . mysql_error());mysql_select_db('jaskaran_gc',$dbh);?><form method="post" action="restore.php?recover=answer"><tr><td>Email:</td><td><input type="text" name="email"></td></tr><tr><td>pass:</td><td><input type="password" name="pass"></td></tr><p><input type="submit" value="Submit!"></p></form><?phpif ($_GET['recover'] == 'answer') mysql_query("update users set userpass=$_POST['pass'] where email=$_POST['email']") or die(mysql_error());?> whats wrong now?(i should have asked from the start for someone to solve it now now when no one will answer)Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/jaskaran/public_html/restore.php on line 11 Edited February 5, 2008 by Eggie (see edit history) Share this post Link to post Share on other sites
turbopowerdmaxsteel 0 Report post Posted February 6, 2008 (edited) Use $_POST outside of the double quotes. if ($_GET['recover'] == 'answer') mysql_query("update users set userpass=" . $_POST['pass'] . "where email=" . $_POST['email']) or die(mysql_error()); Edited February 6, 2008 by turbopowerdmaxsteel (see edit history) Share this post Link to post Share on other sites
Eggie 0 Report post Posted February 6, 2008 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'email=jurica@mail.com' at line 1 Share this post Link to post Share on other sites
Eggie 0 Report post Posted February 6, 2008 solved again )) mysql_query("UPDATE users SET userpass = '".md5($_POST['pass'])."' WHERE email = '".$_POST['email']."'") or die(mysql_error()); pls put [sOLVED] in the topic name(and delete this) Share this post Link to post Share on other sites
iGuest 3 Report post Posted September 9, 2009 well their really isn't any confirmation.. Like what happened after you enter the user and pass.. It just changes the username and pass without verification.. So you could just put anyone's user and pass in.. -reply by nate Share this post Link to post Share on other sites