
I want to reset a user's password using PHP. I got the user's current and new password from an HTML form. Here's the PHP script to reset the password. But it always executes the else part even if the user enters the correct password. How? Any solution? I know there might be a simple error, but I'm new at this and couldn't find any error.

    // Assumes session_start() has already been called and $db_con is a PDO connection.
    $uid          = $_SESSION['uid'];
    $current_pass = $_POST['org_pass'];   // password typed into the form
    $new_pass     = $_POST['new_pass'];   // new password typed into the form

    if (isset($_POST['submit']))
    {
        // Fetch the stored password for the logged-in user
        $act_pass = $db_con->prepare("SELECT password FROM user WHERE u_id= ?");
        $act_pass->bindParam(1, $uid);
        $act_pass->execute();

        $actual_pass = $act_pass->fetchColumn();

        define('SALT', 'flyingrabbit');

        // Hashes the value fetched from the database
        $typed_pass = md5(SALT.$actual_pass);

        // Compares that hash with the value typed into the form
        if ($typed_pass == $current_pass)
        {
            $new_pass1 = md5(SALT . $new_pass);

            $res = $db_con->prepare("UPDATE user SET password= ? WHERE u_id=?");
            $res->bindParam(1, $new_pass1);
            $res->bindParam(2, $uid);
            $res->execute();

            header("Location: profile.php");
            exit;
        }
        else
        {
            echo "<script type=\"text/javascript\">window.alert(\"You entered wrong password.\");window.location.href = 'profile.php';</script>";
        }
    }
  • Do you mean to replace $current_pass with $actual_pass? Commented Jan 13, 2014 at 15:08
  • I want to replace $actual_pass with $new_pass. $current_pass is what the user enters in the HTML form, which is his password. $actual_pass is the user's password stored in the DB. Commented Jan 13, 2014 at 15:10
  • You specified: if ($typed_pass == $current_pass). Are you 100% positive that this is what you want? It seems to me like you should be doing: if ($typed_pass == $actual_pass). For typed_pass, you're turning the password in the database into the hash. You should be doing this to the input, not what's in the database. Commented Jan 13, 2014 at 15:11
  • There are so many things wrong here. First, you just assume you're getting a row back. Your salt is a constant, which is insecure, and you're using md5, which is also insecure. Finally, successful and failed logins effectively do the exact same thing: take you to profile.php without starting a session or setting any kind of var. Commented Jan 13, 2014 at 15:20
  • @jeroen good point; in which case I would refer OP to stackoverflow.com/questions/19103340/… Commented Jan 13, 2014 at 15:28

3 Answers

This looks wrong:

$actual_pass = $act_pass->fetchColumn();

// ...

$typed_pass = md5(SALT.$actual_pass);

if ($typed_pass == $current_pass)

You are hashing the information you got from the database which - I assume - is already hashed.

You probably want:

$actual_pass = $act_pass->fetchColumn();

// ...

$typed_pass = md5(SALT.$current_pass);

if ($typed_pass == $actual_pass)

Note that md5 is not recommended to hash passwords.


2 Comments

Ohh, right. Thanks. And about md5: I searched Google and read 1 or 2 books about encryption and they recommend md5. How?
@HungryDB Check the link at the bottom of my answer.
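Putting the accepted fix together with the points raised in the comments (check that a row came back, stop using md5 with a fixed salt), here is an added example of how the same handler looks with PHP's built-in password_hash()/password_verify(). This is example code written for this page, not the asker's or the answerer's code. It assumes PHP 7 or later, the page's PDO connection $db_con, the table user with columns u_id and password (the password column must hold a 255-character string), the form fields org_pass, new_pass and submit, and a hypothetical login.php to send unauthenticated visitors to.

```php
<?php
// Added example (not from the question or answers): a corrected password-change
// handler using password_hash()/password_verify() instead of md5() with a fixed salt.
// Assumptions: PDO connection $db_con; table `user` with columns `u_id` and
// `password` (VARCHAR(255)); form fields org_pass, new_pass, submit;
// login.php is a hypothetical page name.
session_start();

if (!isset($_SESSION['uid'])) {
    header('Location: login.php');
    exit;
}

if (isset($_POST['submit'])) {
    $uid          = $_SESSION['uid'];
    $current_pass = $_POST['org_pass'] ?? '';
    $new_pass     = $_POST['new_pass'] ?? '';

    // 1. Fetch the stored hash. fetchColumn() returns false when no row matched,
    //    so the "row exists" assumption from the question is checked explicitly.
    $stmt = $db_con->prepare('SELECT password FROM user WHERE u_id = ?');
    $stmt->execute([$uid]);
    $stored_hash = $stmt->fetchColumn();

    // 2. Verify the *typed* password against the *stored* hash. The stored value
    //    is already a hash, so it is never hashed again; password_verify()
    //    recomputes the hash of the typed value with the salt embedded in
    //    $stored_hash and compares in constant time.
    if ($stored_hash === false || !password_verify($current_pass, $stored_hash)) {
        // Identical response for "no such user" and "wrong password" so the
        // handler does not reveal which one failed.
        echo '<script type="text/javascript">window.alert("You entered wrong password.");'
           . 'window.location.href = \'profile.php\';</script>';
        exit;
    }

    // 3. Reject an obviously weak new password before storing it (minimum length
    //    is a constructed policy value for this example).
    if (strlen($new_pass) < 8) {
        http_response_code(400);
        exit('New password must be at least 8 characters.');
    }

    // 4. password_hash() generates a fresh random salt per call and encodes it in
    //    the result, so no application-wide SALT constant is needed.
    $new_hash = password_hash($new_pass, PASSWORD_DEFAULT);

    $upd = $db_con->prepare('UPDATE user SET password = ? WHERE u_id = ?');
    $upd->execute([$new_hash, $uid]);

    if ($upd->rowCount() < 1) {
        // The UPDATE matched no row: do not report success.
        http_response_code(500);
        exit('Password could not be updated.');
    }

    header('Location: profile.php');
    exit;
}
```

Existing md5 hashes cannot be converted to this format without the plaintext, so a migration has to re-hash each user's password at their next successful login (verify against the old md5 value, then store a password_hash() result).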

You should compare hashed $current_pass and $actual_pass.

Replace

    $typed_pass = md5(SALT.$actual_pass);

with

    $typed_pass = md5(SALT.$current_pass);

and

    $typed_pass == $current_pass

with

    $typed_pass == $actual_pass

Comments


It goes to the else statement because you compare $typed_pass == $current_pass, but on the previous line you do $typed_pass = md5(SALT.$actual_pass): you compare a hashed, salted password to a plain-text password.

Comments
