PHP get password ?

Permabanned
Joined
19 Oct 2007
Posts
6,322
Location
.
can anyone tell me whats missing from these lines of coding... im just getting a blank page wether i submit matching correct username and passwords or incorrect ones.

All the naming is correct and matches up with the sql database

Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>books4u</title>
<style type="text/css">
<!--
#Layer1 {
	position:absolute;
	width:108px;
	height:115px;
	z-index:1;
}
#Layer2 {
	position:absolute;
	width:355px;
	height:247px;
	z-index:2;
	left: 159px;
	top: 271px;
}
#Layer3 {
	position:absolute;
	width:754px;
	height:263px;
	z-index:2;
	left: 139px;
	top: 234px;
}
-->
</style>
</head>

<body>
<p align="center"><a href="index.html"><img src="logo.png" width="473" height="200" border="0" /></a></p>
<div id="Layer1">
  <p><a href="addbooks.php"><img src="books.png" width="100" height="50" border="0" /></a></p>
  <p><a href="search.html"><img src="search.png" width="100" height="50" border="0" /></a></p>
  <p><a href="reviews.html"><img src="reviews.png" width="100" height="50" border="0" /></a></p>
  <p><a href="http://puma.marjon.ac.uk/phpMyAdmin" target="_top"><img src="admin.png" width="100" height="50" border="0" /></a></p>
</div>
<p>&nbsp;</p>
<div id="Layer3">
  <p align="left">Request Login Details</p>
  <form NAME="GetCode" ACTION="requestpassword.php" METHOD=post>
    <P><b>Fill in the following fields then click 'Send' at the bottom of the page.</b> 
  </P>             
  <p>Username  
    <INPUT Name ="customerID" size = 20 id="customerID" >
  </p>
                                   
  <P>Email Address 
    <INPUT Name ="email" size = 20 id="email" >
  </P>
                    
  <p>
    <input type="submit" value="Send" name="SUBMIT" >
 </p>
  
  <div align="left">
    <p><A href="index.html" target="_self">BACK TO WEBSITE</A></p>
 </div>
</form>
  <p>&nbsp;</p>
  </div>
<p>&nbsp;  	</p>
</body>
</html>

Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Request Password</title>
</head>
<body>
<?php
# connect to MySQL
$connect = @mysql_connect("localhost","******","******")
or die ("sorry - could not connect to MySQL"); 

# select the specified database
$dbselect = @mysql_select_db("*****", $connect)
or die ("sorry - could not connect to the database");

$email = $_POST['email'];
$sql = mysql_query("SELECT * FROM `customers` WHERE `email` = '$email'"); // Selects email details from customer database
$details = mysql_fetch_array($sql); // Fetches variables from database

echo "Users details are:<br />"
echo $details['username'] . "<br />";
echo $details['password'] . "<br />";
echo $details['email'];  
or die ("Sorry - could not output password");
?>
</body>
</html>

Gotta hand this in tommorow at one, also gotta make a reviews page which aint working either lol! thank god my user registration and book registration pages work! but they dont GET info they SEND it (even though in their code they use the GET and not POST features :S
 
Tested quickly on my local server.

PHP:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Request Password</title>
</head>
<body>
<?php
# connect to MySQL
$connect = @mysql_connect("localhost","****","*****")
or die ("sorry - could not connect to MySQL"); 

# select the specified database
$dbselect = @mysql_select_db("test", $connect)
or die ("sorry - could not connect to the database");

$email = $_POST['email'];
$sql = mysql_query("SELECT * FROM `customers` WHERE `email` = '$email'"); // Selects email details from customer database
$details = mysql_fetch_array($sql); // Fetches variables from database

echo "Users details are:<br />";
echo $details['username'] . "<br />";
echo $details['password'] . "<br />";
echo $details['email'] 
or die ("Sorry - could not output password");
?>
</body>
</html>

TBH this is a really bad way of getting username's / passwords, it should be sent via email.
 
Last edited:
Back
Top Bottom