I am creating a changepassword script and can find the $user = $_COOKIE[user];
I want the $user to be the login user any thoughts?
<?
ob_start();
session_start();
if(!isset($_COOKIE["id"]))
{
header("Location: login.php");
}
else
{
include("header.php");
session_start();
//session_register("session");
//if(!isset($session['userid'])){
//echo "<center><font face='Verdana' size='2' color=red>Sorry, Please login and use this page </font></center>";
//exit;
//}
// This is displayed if all the fields are not filled in
$user = $_COOKIE[user];
//include 'user.php';
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables
$password1 = $_POST['password1'];
$password2 = $_POST['password2'];
if (!isset($_POST['password1'])) {
$smarty->assign('message', $message);
$smarty->display('changepassword.tpl');
}
elseif (empty($password1) || empty($password2)) {
echo $empty_fields_message;
}
else {
//include 'includes/connection.php';
$db_password1=md5(mysql_real_escape_string($password1));
//Setting flags for checking
$status = "OK";
$msg="";
if ( strlen($password1) < 3 or strlen($password1) > 10 ){
$msg=$msg."Password must be more than 3 characters in length and maximum 10 characters in length<BR>";
$status= "NOTOK";}
if (strcmp( $password1,$password2 ) !=0){
$msg=$msg."Both passwords do not match<BR>";
$status= "NOTOK";}
if($status<>"OK"){
echo "<font face='Verdana' size='2' color=red>$msg</font><br><center><input type='button' value='Retry' onClick='history.go(-1)'></center>";
}else{ // if all validations are passed.
if(mysql_query("UPDATE pp_user SET pass='$db_password1'where user= '$user'"));
{
echo "<font face='Verdana' size='2' ><center>Thanks ". $user ."<br> Your password changed successfully. Please keep changing your password for better security</font></center>". $password1;
}
}
}
}
?>
