0

I would like to pass the oldPassword, newPassword, newPasswordAgain values to ChangePassword.php after I checked the validity of the data with a javascript function. Here is the form and the javascript:

<?php
session_start();
?>

<!DOCTYPE html>
<html>
    <head>
        <link rel="stylesheet" type="text/css" href="../style/style.css">
    </head>
    <body>
        <div class="navbar">
            <ul>
                <li><a href="../Pages/Main.php">Home</a></li>
                <li><a href="../Pages/Rules.php">Rules</a></li>
                <li><a href="../Pages/Builds.php">Builds</a></li>
                <li><a href="../Pages/Events.php">Events</a></li>
                <li><a href="../Pages/Calendar.php">Calendar</a></li>
                <li style="float:right"><a class="active" href="../Pages/UserSettings.php"><?php echo $_SESSION["username"]; ?></a></li>
            </ul>
        </div>

        <div class="changepasswd_bg">
            <div class="absolute">

                <form name="changePasswordForm"   method=POST action="../Pages/ChangePassword.php"  onsubmit="return validateForm()">
                    <input  type="password" name="oldPassword"  placeholder="Old password" size="100"><br>
                    <input  type="password" name="newPassword"  placeholder="New password" size="100"><br>
                    <input  type="password" name="newPasswordAgain"  placeholder="New password again" size="100"><br>
                    <input type="submit" value="Change" size="70">

                </form>

                <h2 id="output"></h2><br>
                <h2 id="debug"></h2>
            </div>

        </div>

        <script>
            function validateForm() {

                var oldX = document.forms["changePasswordForm"]["oldPassword"].value;
                var newX = document.forms["changePasswordForm"]["newPassword"].value;
                var newXAgain = document.forms["changePasswordForm"]["newPasswordAgain"].value;

                //ki kell tölteni a mezőket
                if (oldX === null || oldX === "" || newX === null || newX === "" || newXAgain === null || newXAgain === "") {
                    document.getElementById("output").innerHTML = "All field need to fill";
                    document.getElementById("debug").innerHTML = masterPass;
                    return false;
                } // a régi passwordnek a megadottal egyezni kell 
                else if ('<?php echo $_SESSION["password"] ?>'.toString() !== oldX.toString()) {
                    document.getElementById("output").innerHTML = "The original passwords are not matches";
                    return false;
                } else if (newX !== newXAgain) {
                    document.getElementById("output").innerHTML = "The new passwords are not matches";
                    return false;
                } else {

                    document.getElementById("output").innerHTML = "OK";
                    return true;
                }
            }
        </script>


    </body>

</html>

And here is the ChangePassword.php:

<?php
session_start();
?>

<!DOCTYPE html>

<?php
include '../Database/Connect.php';

$oldPassword = $_GET["oldPassword"];
$newPassword = $_GET["newPassword"];
$newPasswordAgain = $_GET["newPasswordAgain"];
if (strlen($oldPassword) == 0 || strlen($newPassword) == 0 || strlen($newPasswordAgain) == 0) {
    echo "valamelyik 0 hosszu";
    echo $_SESSION["password"] . " " . $oldPassword . " " . $newPassword . "  " . $newPasswordAgain;
    //header("Location: ../Pages/SomethingWrong.php");
} else if ($_SESSION["password"] !== $oldPassword) {
    echo "a session és az ild password nem egyezik";
    echo $_SESSION["password"] . " " . $oldPassword . " " . $newPassword . "  " . $newPasswordAgain;
    // header("Location: ../Pages/SomethingWrong.php");
} else if ($newPassword !== $newPasswordAgain) {
    echo "a két password nem egyezik";
    echo $_SESSION["password"] . " " . $oldPassword . " " . $newPassword . "  " . $newPasswordAgain;
    // header("Location: ../Pages/SomethingWrong.php");
} else {
    echo "minden ok " . $_SESSION["password"] . " " . $oldPassword . " " . $newPassword . "  " . $newPasswordAgain;

}
?>

The result is these errors: (also i cant see on the header the variable values. like: http://ChangePassword.php?name=value ... etc)

Notice: Undefined index: oldPassword in D:\apache\htdocs\Pages\ChangePassword.php on line 10

Notice: Undefined index: newPassword in D:\apache\htdocs\Pages\ChangePassword.php on line 11

Notice: Undefined index: newPasswordAgain in D:\apache\htdocs\Pages\ChangePassword.php on line 12

valamelyik 0 hosszuEzredes123

Alok Patel
  • 7,842
  • 5
  • 31
  • 47
Erdős András
  • 63
  • 5

2 Answers2

2

your using $_GET but your method is post. so change it to $_POST

hungrykoala
  • 1,083
  • 1
  • 13
  • 28
2

You need to use $_POST for your scenario

$oldPassword = $_POST["oldPassword"];
$newPassword = $_POST["newPassword"];
$newPasswordAgain = $_POST["newPasswordAgain"];

Passing sensitive information:

It is safer to use an SSL socket when passing sensitive information over the Internet.

For more information on this, consult the following on Stack:

Community
  • 1
  • 1
Mohan Raj
  • 447
  • 1
  • 5
  • 18