Forgot password help
January 27th, 2013, 05:01 AM
Forgot password help
In my login.php file I have got a forgot password text field as well, so the user can put their email address in and have an email sent containing their password.
But I am getting the following error and have no idea why:
Login Failed. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' WHERE 'username' ='.'' at line 1
Any ideas
Thank you in advance
Ian

January 27th, 2013, 05:10 AM
There's an error with your mysql query. It's a syntax error. Can you post your whole code and I might be able to re-write the query for you so it works.
I believe it's your use of the 3rd single quote. Try something like:
PHP Code:
"WHERE username={$username} AND password={$password}"
Kind regards,
NM.
__________________
"WERE NOT WORTHY!"

January 27th, 2013, 05:14 AM
Hi Nanomech
Thank you for the reply, I have pasted the whole code from the login.php page below
[CODE]
<?php
// First we execute our common code to connection to the database and start the session
require("common.php");

// This variable will be used to re-display the user's username to them in the
// login form if they fail to enter the correct password. It is initialized here
// to an empty value, which will be shown if the user has not submitted the form.
$submitted_username = '';

// This if statement checks to determine whether the login form has been submitted
// If it has, then the login code is run, otherwise the form is displayed
if(!empty($_POST))
{
    // This query retrieves the user's information from the database using
    // their username.
    $query = "
        SELECT
            id,
            username,
            password,
            salt,
            email
        FROM users
        WHERE
            username = :username
    ";

    // The parameter values
    $query_params = array(
        ':username' => $_POST['username']
    );

    try
    {
        // Execute the query against the database
        $stmt = $db->prepare($query);
        $result = $stmt->execute($query_params);
    }
    catch(PDOException $ex)
    {
        // Note: On a production website, you should not output $ex->getMessage().
        // It may provide an attacker with helpful information about your code.
        die("Failed to run query: " . $ex->getMessage());
    }

    // This variable tells us whether the user has successfully logged in or not.
    // We initialize it to false, assuming they have not.
    // If we determine that they have entered the right details, then we switch it to true.
    $login_ok = false;

    // Retrieve the user data from the database. If $row is false, then the username
    // they entered is not registered.
    $row = $stmt->fetch();
    if($row)
    {
        // Using the password submitted by the user and the salt stored in the database,
        // we now check to see whether the passwords match by hashing the submitted password
        // and comparing it to the hashed version already stored in the database.
        $check_password = hash('sha256', $_POST['password'] . $row['salt']);
        for($round = 0; $round < 65536; $round++)
        {
            $check_password = hash('sha256', $check_password . $row['salt']);
        }

        if($check_password === $row['password'])
        {
            // If they do, then we flip this to true
            $login_ok = true;
        }
    }

    // If the user logged in successfully, then we send them to the private members-only page
    // Otherwise, we display a login failed message and show the login form again
    if($login_ok)
    {
        // Here I am preparing to store the $row array into the $_SESSION by
        // removing the salt and password values from it. Although $_SESSION is
        // stored on the server-side, there is no reason to store sensitive values
        // in it unless you have to. Thus, it is best practice to remove these
        // sensitive values first.
        unset($row['salt']);
        unset($row['password']);

        // This stores the user's data into the session at the index 'user'.
        // We will check this index on the private members-only page to determine whether
        // or not the user is logged in. We can also use it to retrieve
        // the user's details.
        $_SESSION['user'] = $row;

        // Redirect the user to the private members-only page.
        header("Location: loginsuccess.php");
        die("Redirecting to: loginsuccess.php");
    }
    else
    {
        // Tell the user they failed
        print("Login Failed.");

        // Show them their username again so all they have to do is enter a new
        // password. The use of htmlentities prevents XSS attacks. You should
        // always use htmlentities on user submitted values before displaying them
        // to any users (including the user that submitted them). For more information:
        // http://en.wikipedia.org/wiki/XSS_attack
        $submitted_username = htmlentities($_POST['username'], ENT_QUOTES, 'UTF-8');
    }
}
?>
<?php
if(isset($_POST['submit']))
{
    mysql_connect("", "", "") or die(mysql_error());
    mysql_select_db("") or die(mysql_error());
    $username = $_POST['username'];
    $sql = "SELECT 'username', 'password' FROM users' WHERE 'username' ='$username.'";
    $query = mysql_query($sql);
    if(!$query)
    {
        die(mysql_error());
    }
    if(mysql_affected_rows() != 0)
    {
        $row=mysql_fetch_array($query);
        $password=$row["password"];
        $email=$row["email"];
        $subject="your password";
        $header="from:noreply@cptevents4.co.uk";
        $content="your password is $pass";
        mail($email, $subject, $row, $header);
        print "An email containing the password has been sent to you";
    }
    else
    {
        echo("no such login in the system. please try again.");
    }
}
?>
<html>
<head>
<title>Login</title>
<link rel="stylesheet" type="text/css" href="css/overlay.css" />
<style type="text/css">
#login {
font-family:Verdana;
font-size:14px;
color: #000000;
margin-left:190px;
margin-top:50px;
}
ul {
list-style-type:none;
}
li {
font-family:Verdana;
font-size:14px;
color: #000000;
background: #66F;
padding:4px;
}
a:hover {
color: #000000;
}
a:active {
color: #0CF;
}
/* Step 1: Main navigation styles */
#navigation {
width: 240px;
margin-left: 130px;
margin-top: 5px;
padding: 0;
list-style: none;
background: #4a4b8e;
color: #fff;
font-family: Verdana;
font-size:12px;
border-radius: 20px;
-moz-border-radius: 20px;
-webkit-border-radius: 20px;
}
#navigation > li {
display: block;
width: 210px;
background: #4a4b8e;
font-family: Verdana;
font-size: 12px;
border-radius: 20px;
-moz-border-radius: 20px;
-webkit-border-radius: 20px;
}
#navigation > li > a {
display: block;
height: 10px;
padding: 1em;
font-family: Verdana;
font-size: 12px;
font-weight: bold;
text-transform: uppercase;
color: #ffff84;
text-decoration: none;
}
#navigation > li > a:hover {
border-radius: 20px;
-moz-border-radius: 20px;
-webkit-border-radius: 20px;
background: #000e8c;
color: #ffbf00;
}
/* Step 2: Submenu styles */
#navigation > li.sub {
position: relative;
border-radius: 20px;
-moz-border-radius: 20px;
-webkit-border-radius: 20px;
}
#navigation > li.sub ul {
margin: 0;
padding: 0;
width: 255px;
list-style: none;
font-family: Verdana;
font-size:12px;
color: #fff;
position: absolute;
left: -1120em;
border-radius: 20px;
-moz-border-radius: 20px;
-webkit-border-radius: 20px;
}
#navigation > li.sub ul li {
display: block;
width: 100%;
border-radius: 20px;
-moz-border-radius: 20px;
-webkit-border-radius: 20px;
}
#navigation > li.sub ul li a {
height: 10px;
display: block;
color: #000000;
font-size: 12px;
font-weight: bold;
text-decoration: none;
padding: 1em;
border-radius: 20px;
-moz-border-radius: 20px;
-webkit-border-radius: 20px;
background: #e6f2ff;
}
#navigation > li.sub ul li a:hover {
border-radius: 20px;
-moz-border-radius: 20px;
-webkit-border-radius: 20px;
font-family: Verdana;
font-size: 12px;
color: #FFFFFF;
background: #0030bf;
}
/* Step 3: Hover effect */
#navigation > li.sub:hover ul {
border-radius: 20px;
-moz-border-radius: 20px;
-webkit-border-radius: 20px;
top: 0;
left: 215px;
}
#forgotpw {
font-family: Verdana;
font-size: 14px;
color: #000000;
margin: 0 0 0 19%;
}
#registerbtn {
margin: 0 0 0 0;
}
</style>
<script type="text/javascript" src="js/aJax.js"></script>
</head>
<body>
<img src="images/header.png" style="margin-left:130px;" alt="CPT Events" title="CPT Events">
<div class="popOverlay"></div>
<div class="loginPass">
<button class="profileButton"></button>
</div>
<div id="register">
<div style="width:900px;">
<div id="login">
<h1>Welcome to the Login page</h1>
<div id="registerbtn">
You must have registered. If you have not registered, <a href="register.php">click here</a>
</div>
<br>
<form action="login.php" method="post">
Username:<br />
<input type="text" name="username" id="username" value="<?=$submitted_username; ?>" />
<br /><br />
Password:<br />
<input type="password" name="password" id="password" value="" />
<br>
<input type="submit" name="login" id="login" class="buttons" value="Log In Now" style="margin-left: -1px; margin-top:8px;" onClick="validLogin()" />
<br /><br />
When registered, we sent a email containing your username and password
</form>
</div>
</div>
<br />
<div id="forgotpw">
Forgot Password - use form below to reset the password
<br>
<form name="forgot" method="post" action="<?php $_SERVER['PHP_SELF'];?>">
<p><label for="email">Email:</label>
<input name="email" type="text" value="<?=$email; ?>" size="25"/>
</p>
<input type="submit" name="submit" value="submit"/>
<input type="reset" name="reset" value="reset"/>
</form>
</div>
</body>
</html>
[/CODE]

January 27th, 2013, 05:23 AM
Switch your query to this.
Although the error is apparently at line 1. :S
PHP Code:
$sql = "SELECT 'username', 'password' FROM users WHERE 'username'={$username}";
Let me know!
Regards,
NM.

January 27th, 2013, 05:27 AM
I changed that line of coding and got the following error
Login Failed. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

January 27th, 2013, 05:29 AM
Can you post the whole error message please?
In the meantime try this:
PHP Code:
$sql = "SELECT username, password FROM users WHERE username={$username}";
Check the error message for the file in which the error is located.
Regards,
NM.
Last edited by Nanomech : January 27th, 2013 at 05:33 AM.

January 27th, 2013, 05:33 AM
I put in the following
$sql = "SELECT username, password FROM users WHERE username={$username}";
and got this error, that is all I see in the error message
Login Failed. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

January 27th, 2013, 05:39 AM
Hmm, I'm stumped then, dude. The error message is indicating line 1, but there are absolutely no syntactical errors which I can see; we've tried modifying the query and it's still not worked.
I think the error could possibly lie in another file?
It's bugging me! I've got to go in 10 minutes. Have a quick look round your included files.
Regards,
NM.

January 27th, 2013, 05:51 AM
The only other PHP files are the common.php and register.php files.
To be honest, I am not too sure what I am looking for.

January 27th, 2013, 07:45 AM
pollyanna
Hi,
the SQL error comes from the single quotes everywhere, which shouldn't be there. Identifiers in SQL (table names, column names etc.) must not be in single quotes. They either have no quotes at all or backticks: ``.
But that should actually be your least concern. No offense, but your script looks pretty weird and has massive security holes -- it's like you copied and pasted two completely different codes and simply merged them. The first part uses PDO and looks good (I guess that's from E-Oreo?). The second part suddenly opens a new database connection and uses the old MySQL extension. And that part is wide open to SQL injections, so anybody can fetch all your members' passwords. And are those stored as plaintext??? That would be a disaster. I really hope this code isn't online yet.
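The forgot-password handler rewritten along the lines of the reply above, as an added example rather than code from the thread or from the product it came from: identifiers are unquoted or backticked, the user-supplied value is a bound parameter on a PDO connection like the one the first half of login.php already uses, and the mail carries a single-use reset link instead of a password. The original handler could not have mailed a usable password in any case: the first half of login.php stores `password` as a salted, iterated SHA-256 hash; the handler also reads `$_POST['username']` although the forgot form posts a field named `email`, builds `$content` but passes `$row` to `mail()`, and interpolates `$pass`, which is never set. The in-memory SQLite database, the `reset_token_hash` and `reset_expires` columns, the sample row and the `example.invalid` addresses are all constructed for this example.

```php
<?php
// Added example, not the thread's code: a forgot-password lookup done with a
// prepared statement and a reset token. Runs offline against in-memory SQLite.
declare(strict_types=1);

// Constructed fixture: the same columns as the SELECT in the first half of
// login.php, plus two columns (assumed here) for the reset token.
function makeDb(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (
        id INTEGER PRIMARY KEY,
        username TEXT NOT NULL UNIQUE,
        password TEXT NOT NULL,
        salt TEXT NOT NULL,
        email TEXT NOT NULL,
        reset_token_hash TEXT NULL,
        reset_expires INTEGER NULL
    )');
    // The stored "password" is already a hash (see the 65536-round loop in
    // login.php), so there is nothing readable to mail back in the first place.
    $ins = $db->prepare('INSERT INTO users (username, password, salt, email)
                         VALUES (:username, :password, :salt, :email)');
    $ins->execute([
        ':username' => 'ian',
        ':password' => hash('sha256', 'constructed-hash-input'),
        ':salt'     => bin2hex(random_bytes(16)),
        ':email'    => 'ian@example.invalid',
    ]);
    return $db;
}

/**
 * Issue a single-use reset token for the account behind $email.
 * Returns the token to put in the mail, or null if no such account exists.
 * Only the SHA-256 of the token is stored, so reading the table does not
 * yield a token that can be used.
 */
function issueResetToken(PDO $db, string $email, int $ttlSeconds = 3600): ?string
{
    // Backticks (or nothing) around identifiers; the value is a bound parameter,
    // so a quote in the input never reaches the SQL parser.
    $stmt = $db->prepare('SELECT `id`, `username` FROM `users` WHERE `email` = :email');
    $stmt->execute([':email' => $email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return null;
    }
    $token = bin2hex(random_bytes(32));
    $upd = $db->prepare('UPDATE `users`
                         SET `reset_token_hash` = :h, `reset_expires` = :exp
                         WHERE `id` = :id');
    $upd->execute([
        ':h'   => hash('sha256', $token),
        ':exp' => time() + $ttlSeconds,
        ':id'  => $row['id'],
    ]);
    return $token;
}

/** Mail body for the reset link; no password appears in it. */
function resetMailBody(string $token): string
{
    return "To choose a new password, open: https://example.invalid/reset.php?token=$token\n"
         . "This link expires in one hour. If you did not ask for it, ignore this mail.";
}

/** Check a token presented on reset.php. Returns the user id, or null if invalid/expired. */
function userIdForToken(PDO $db, string $token): ?int
{
    $stmt = $db->prepare('SELECT `id` FROM `users`
                          WHERE `reset_token_hash` = :h AND `reset_expires` > :now');
    $stmt->execute([':h' => hash('sha256', $token), ':now' => time()]);
    $id = $stmt->fetchColumn();
    return $id === false ? null : (int) $id;
}

$db = makeDb();
// An address containing a quote is just a non-matching string now: NULL, no SQL error.
var_dump(issueResetToken($db, "o'brien@example.invalid"));
$token = issueResetToken($db, 'ian@example.invalid');
echo resetMailBody($token), "\n";      // this string is what mail() would send
var_dump(userIdForToken($db, $token)); // int(1)
```

Run it with the `php` command line. In login.php the call would be `mail($email, 'Password reset', resetMailBody($token), $header)` after `issueResetToken()` returns non-null, and reset.php would call `userIdForToken()` before accepting a new password and then clear the two token columns. The same response should go back whether or not the address was found, so the form does not confirm which addresses are registered.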

January 27th, 2013, 07:56 AM
I have just purchased an all-in-one; it has got a login, registration and forgot password form all built in.
I got it from codecanyon, so hopefully it is all secure.
Just implementing it now.
Ian

January 27th, 2013, 09:01 AM
pollyanna
What? The first part is clearly by E-Oreo, so how could you have bought it from codecanyon?
If you actually did buy that like it is, it's a complete rip-off. They've obviously stolen stuff from the internet and added some terrible code to it.
No, it's not secure. Any moron can "hack" this in a matter of minutes.

January 27th, 2013, 09:09 AM
This is the one I got
http://codecanyon.net/item/secure-loginregister-and-user-management/2826719?sso?WT.ac=search_item&WT.seg_1=search_item&WT.z_author=jakweb