PDA

View Full Version : Where I am wrong


Arif
01-02-2012, 10:02 PM
I made a reset password form; the PHP script is copied here, can someone pls let me know where I am making mistake, the query is not working

<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($email, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$email = get_magic_quotes_gpc() ? stripslashes( $email) : $email;
}

$email = function_exists("mysql_real_escape_string") ? mysql_real_escape_string( $email) : mysql_escape_string( $email);

switch ($theType) {
case "text":
$email = ( $email != "") ? "'" . $email . "'" : "NULL";
break;
case "long":
case "int":
$email = ( $email != "") ? intval( $email) : "NULL";
break;
case "double":
$email = ( $email != "") ? doubleval( $email) : "NULL";
break;
case "date":
$email = ( $email != "") ? "'" . $email . "'" : "NULL";
break;
case "defined":
$email = ( $email != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $email;
}
}
$email="";
mysql_select_db($database_conniBroker, $conniBroker);
$query_rsPW = "SELECT membership.Email FROM membership WHERE membership.Email = '$email' ";
$rsPW = mysql_query($query_rsPW, $conniBroker) or die(mysql_error());
$row_rsPW = mysql_fetch_assoc($rsPW);
$totalRows_rsPW = mysql_num_rows($rsPW);

$email=mysql_real_escape_string($email);
$status = "OK";
$msg="";
error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email,"@") OR !stristr($email,".")) {
$msg="Your email address is not correct<BR>";
$status= "NOTOK";}


echo "<br><br>";
if($status=="OK"){ $query_rsPW="SELECT membership.Email FROM membership WHERE membership.Email = '$email'";
$st=mysql_query($query_rsPW);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email;
if ($recs == 0) { echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='Registration.php'> Sign UP </a> </center>"; exit;}

$headers4="info@theibroker.com";
$headers.="Reply-to: $headers4\n";
$headers .= "From: $headers4\n";
$headers .= "Errors-to: $headers4\n";
$headers = "Content-Type: text/html; charset=iso-8859-1\n".$headers;

if(mail("$em","Your Request for login details","This is in response to your request for login detailst at site_name \n \nLogin ID: $row->userid \n Password: $row->password \n\n Thank You \n \n siteadmin","$headers")){echo "<center><font face='Verdana' size='2' ><b>THANK YOU</b> <br>Your password is posted to your email address . Please check your mail after some time. </center>";}
else{ echo " <center><font face='Verdana' size='2' color=red >There is some system problem in sending login details to your address. Please contact site-admin. <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}


}

else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
?>