Dear Shawn. Hooray, you've solved my problem. Thank you....very....very....much. I really appreciate it. Thanks, Buddy. === On Tue, 01 Sep 2009 16:22:39 -0500 Shawn McKenzie <nospam@xxxxxxxxxxxxx> wrote: > Ricky Tompu Breaky wrote: > > Dear my friends, > > > > I am learning a PHP implementation with MyMarket now. I got it from > > http://sourceforge.net/projects/mymarket/files/mymarket/mymarket-1.72/mymarket-1.72.tar.gz/download . > > > > I have installed and configured its > > '/var/www/html/mymarket/application.php' to the login account of my > > MySQL and I've been able to do login: > > " > > <? > > /* $RCSfile: application.php,v $ (c) 2000 Ying Zhang > > (ying@xxxxxxxxxxxxxxx) > > * > > * $Revision: 1.7 $ > > * $Date: 2002/09/23 17:31:17 $ > > * $Author: yingz $ > > * > > error_reporting(15); > > class object {}; > > $CFG = new object; > > $CFG->dbhost = "localhost"; > > $CFG->dbname = "mymarket"; > > $CFG->dbuser = "mymarket"; > > $CFG->dbpass = "mypassword"; > > $CFG->wwwroot = "http://127.0.0.1/mymarket";; > > $CFG->dirroot = dirname(__FILE__); > > $CFG->templatedir = "$CFG->dirroot/templates"; > > $CFG->libdir = "$CFG->dirroot/lib"; > > $CFG->imagedir = "$CFG->wwwroot/images"; > > $CFG->icondir = "$CFG->imagedir/icons"; > > $CFG->bannerdir = "$CFG->imagedir/banners"; > > $CFG->support = "support@xxxxxxxxxxxx"; > > $CFG->version = "1.71"; > > $CFG->sessionname = "mymarket"; > > > > $CFG->showsponsor = true; // enabled banner > > advertising $CFG->currency = "$"; > > $CFG->currencyfirst = true; // show the currency symbol > > before the price tag > > > > $DB_DEBUG = true; > > $DB_DIE_ON_FAIL = true; > > > > require("$CFG->libdir/stdlib.php"); > > require("$CFG->libdir/dblib.php"); > > require("$CFG->libdir/mymarket.php"); > > require("$CFG->libdir/cart.php"); > > > > $ME = qualified_me(); > > > > ini_set("session.name", $CFG->sessionname); > > session_start(); > > session_register("USER"); > > session_register("CART"); > > > > if (! isset($_SESSION["USER"])) { > > $_SESSION["USER"] = array(); > > } > > > > if (! isset($_SESSION["CART"])) { > > $_SESSION["CART"] = new Cart; > > } > > > > $USER = &$_SESSION["USER"]; > > $CART = &$_SESSION["CART"]; > > > > db_connect($CFG->dbhost, $CFG->dbname, $CFG->dbuser, $CFG->dbpass); > > ?> > > ==== > > > > The default password of MyMarket for 'root' (administrator account) > > is 'password'. I have checked that my MySQL use 'md5()' as the > > default encryption method. > > > > I can do login. But the problem is, I can not change the password of > > root. The error message is: > > " > > Errors > > Your old password is invalid > > ". > > > > I've taken a look which script does the password replacement and I > > found it is '/var/www/html/mymarket/users/change_password.php' in > > that script I've found the function and edit it for investigating > > where the problem resides: > > " > > <? > > /* change_password.php (c) 2000 Ying Zhang (ying@xxxxxxxxxxxxxxx) > > * > > */ > > include("../application.php"); > > require_login(); > > if (match_referer() && isset($_POST)) { > > $frm = $_POST; > > $errormsg = validate_form($frm, $errors); > > > > if (empty($errormsg)) { > > update_password($frm["newpassword"]); > > $noticemsg = "Password change successful"; > > } > > } > > > > $DOC_TITLE = "Change Password"; > > include("$CFG->templatedir/header.php"); > > include("$CFG->templatedir/form_header.php"); > > include("templates/change_password_form.php"); > > include("$CFG->templatedir/footer.php"); > > > > function validate_form(&$frm, &$errors) { > > $errors = new Object; > > $msg = ""; > > if (empty($frm["oldpassword"])) { > > $errors->oldpassword = true; > > $msg .= "You did not specify your old password"; > > } elseif (! password_valid($frm["oldpassword"])) { > > $errors->oldpassword = true; > > $msg .= "Your old password is invalid"; > > } elseif (empty($frm["newpassword"])) { > > $errors->newpassword = true; > > $msg .= "You did not specify your new password"; > > } elseif (empty($frm["newpassword2"])) { > > $errors->newpassword2 = true; > > $msg .= "You did not confirm your new password"; > > } elseif ($frm["newpassword"] != $frm["newpassword2"]) { > > $errors->newpassword = true; > > $errors->newpassword2 = true; > > $msg .= "Your new passwords do not match"; > > } > > return $msg; > > } > > > > function password_valid($password) { > > global $USER; > > > > $username = $SUSER["user"]["username"]; > > $password = md5($password); > > $qid = db_query("SELECT 1 FROM users WHERE username = > > '$username' AND password = '$password'"); /* Here my investigator */ > > echo db_num_rows($qid)."-->"."SELECT 1 FROM users WHERE > > username = '$username' AND password = '$password'"; /* end of my > > investigator */ return db_num_rows($qid); } > > > > function update_password($newpassword) { > > global $USER; > > $username = $USER["user"]["username"]; > > $newpassword = md5($newpassword); > > $qid = db_query("UPDATE users SET password = '$newpassword' > > WHERE username = '$username'"); } > > ?> > > ". > > > > And the result is: > > " > > 0-->SELECT 1 FROM users WHERE username = '' AND password = > > '5f4dcc3b5aa765d61d8327deb882cf99' ". > > So the user variable is empty, that's why. > > > > Now, my problem is I don't know my the PHP Script on my Apache2 > > of Mandriva 2009.1 does not store the session variable? > > > > Anybody has ever found the same problem as mine? Please share it to > > me. > > > > Please tell me my mistake. > > > > Thank you very much in advance. > > Well that's a lot of code to look through and still not enough > code :-) > > Just glancing through it in function update_password() I would expect: > > $username = $SUSER["user"]["username"]; > > to actually be: > > $username = $USER["user"]["username"]; > > Don't know where the S in $SUSER came from. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
