Jump to content

Need help with something


Recommended Posts

I am working on a mod that I got off of here quite a while back I believe it was killahs password protect without sql mod. Anyway I have made it where each user can have their own password for which ever page I place it on, right now its for my staff panel. Anyway, once I promote the user to staff they receive their temporary password that will allow them to login but that password expires after 24 hours. So once they login they have to change their password. Well the problem I am having is it won't update the said column in the database. here is the bit of code which I have taken from preferences and change it around some to work with this.


function pass_change()
global $ir,$c,$userid,$h;
print "<h3>Staff Panel Password Change</h3><form action='staff.php?action=passchange2' method='post'>
Current Password: <input type='password' name='oldpw' />

New Password: <input type='password' name='newpw' />

Confirm: <input type='password' name='newpw2' />

<input type='submit' value='Change PW' /></form>";
function do_pass_change()
global $db,$ir,$c,$userid,$h;
if($_POST['oldpw'] != $ir['staffpass'])
print "The current password you entered was wrong.

[url='staff.php?action=passchange']> Back[/url]";
else if($_POST['newpw'] !== $_POST['newpw2'])
print "The new passwords you entered did not match!

[url='staff.php?action=passchange']> Back[/url]";
$string = $_POST['newpw'];
$salt = 's+(_a*';
$hash = md5($string.$salt);
$db->query("UPDATE users SET staffpass= $hash WHERE userid=$userid");
print "Password changed!";


That is what I am using in hopes that I can get it to work. If I am doing something wrong then please let me know what it is so I can fix it. I have been working on this for about 3 hours now with no luck so I thought I would turn to the good members of CE for help. Oh and this is the error I am getting when I try to use that.


QUERY ERROR: Unknown column '------------------------------------------------' in 'field list'
Query was UPDATE users SET staffpass= ------------------------------------------------- WHERE userid=1


and yes I left out the result of the md5($string.$salt); lol don't know if it matters or not but hey better to be safe than sorry. I am new to all of this still yet but I am trying to learn things on my own and what better way to learn than do it.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...