php

system · November 2, 2012, 7:05am

[php]

<?php session_start(); if(isset($_SESSION['name'])) $myusername=$_SESSION['name']; $host="localhost"; // Host name $username="appointment123"; // Mysql username $password="************"; // Mysql password $db_name="appointment"; // Database name $tbl_name="users"; // Connect to server and select databse. mysql_connect("$host","$username","$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form //$myusername=$_POST['myusername']; $newpassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); //$mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); //$mypassword = mysql_real_escape_string($mypassword); $sql="UPDATE users SET mypassword='$newpassword' WHERE myusername='$myusername'"; //$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); header("location:password-updated.php"); // Mysql_num_row is counting table row //$count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row //if($count==1){ /*session_start(); $_SESSION['name']=$myusername; // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_success.php"); } else { header("location:login-failed.php");*/ ?>

[/php]

m11 · November 2, 2012, 6:17pm

OK?