Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am trying to enable users to change their password.
I keep getting the user name and password are not in the file and I suspect the password is not correctly readable by the script, maybe because of the md5 encryption. Is there any error on my SQL query?
$query = "SELECT * FROM users WHERE name='$e' AND pass='".md5($p)."'";
$result = mysql_query($query) or die ("Error in query: $query. ".mysql_error());
$num = mysql_num_rows($result);
Instead of building up your query with concatenation, you should look into using PHP Data Objects (PDO).
Not only will it likely fix your error, it will also fix your current Sql Injection vulnerability.