Here's what I have now. Basically what I need is to be able to change the password field in the database once the user logs in. Also, I need to allow the user to "log out" of the session. How can I do this?

Current code:

<?php
session_start();
$db=mysql_connect("localhost","username","password");
mysql_select_db("database", $db);
//necessary?
/*
//check to see if sessions are set if not set them
if(!isset($_SESSION['username']) or !isset($_SESSION['password'])){
    if(!empty($_POST['username']) or !empty($_POST['password'])){
        $_SESSION['username'] = $_POST['username'];
        $_SESSION['password'] = $_POST['password'];
    }
    else{
        echo'You left the username or password field blank.';
    }
}
*/
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">';
echo "<head><title> {$title} </title>";
echo '<style type="text/css">
#forms { position:absolute;top:75px;left:200px;align:right;padding-bottom:5px;}
#text { position:absolute; top:75px; left:125px; align:left;}
.text2 { padding-top:8px;}
.forms2 { padding-bottom:6px;}
#login {position:absolute;top:100px;left:75%;}
.nav{position:absolute; top:75px; left:10%; right:10%; width:80%;background-color:#0099FF;text-align:right;a}
.input{width:100px;}
</style>
</head><body>';
$logout = '<a href="logout.php">Logout</a>';
echo '<div class="nav"><a href="index.php">Home</a> |', $logout , ' | <a href="register.php">Register</a> | <a href="links.php">Links</a> | <a href="faq.php">FAQ</a></div>';
if(isset($_SESSION['username']) or isset($_SESSION['password'])) {
    echo "Welcome Back, " . $_SESSION['username'] . ", you are still logged in.";
}
//Query the database for the username and password combination
$query = "SELECT User, Password FROM user WHERE User = '$_POST[username]' AND Password = '$_POST[password]'";
$result = mysql_query($query);
$row = mysql_fetch_array($result, MYSQL_NUM);
//Query the database for the username and password combination
$query = "SELECT User, Password FROM user WHERE User = '$_POST[username]' AND Password = '$_POST[password]'";
$result = mysql_query($query);
$row = mysql_fetch_array($result, MYSQL_NUM);
if($row) {
    $_SESSION['username'] = $_POST['username'];
    $_SESSION['password'] = $_POST['password'];
    echo "Welcome " . $_SESSION['username'] . ", you have logged in.";
    echo "<div id=\"login\"><form action=\"index.php\" method=\"post\">
    Edit Password:<br>
    Confirm Password: <input type=\"text\" name=\"password\" cols=\"60\" class=\"input\"><br>
    New Password: <input type=\"password\" name=\"newpass\" cols=\"60\" class=\"input\"><br>
    <input type=\"submit\"></form></div>";
    $password = $_POST['password'];
    $new_pass = $_POST['newpass'];
    $query = "Update user SET Password = '$new_pass' WHERE User = '$_SESSION[username]' AND Password = '$_SESSION[password]'";
    $result = mysql_query($query) or die("Query failed: ".mysql_error());
    //debug info
    echo $_SESSION['username'] ." and ". $_SESSION['password'];
}
else {
    echo "<div id=\"login\"><form action=\"index.php\" method=\"post\">
    Login:<br>
    Username: <input type=\"text\" name=\"username\" cols=\"60\" class=\"input\"><br>
    Password: <input type=\"password\" name=\"password\" cols=\"60\" class=\"input\"><br>
    <input type=\"submit\"></form></div>";
    echo "Wrong username or password. Please try again.";
}
?>

logout.php will contain

<?php
// A session must be started before it can be destroyed
session_start();
session_destroy();
// No space before the colon, otherwise the redirect header is malformed
header("Location: index.php"); // change accordingly
exit;
?>

and I'm just looking at the rest, one sec....

EDIT: Before I carry on, this is real unsafe, firstly passwords aren't crypted, also, you should never store username / password in the $_SESSION super global, instead store a uid, and something like $_SESSION['authed'] to test authentication.

Also, does updating passwords not work?

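The reply above recommends hashed passwords and keeping only a uid and an `authed` flag in `$_SESSION`. The following is an added example, not code from the thread, showing that with PDO prepared statements, `password_hash()`/`password_verify()` and a password change keyed on the session uid. The `id` column, the function names and the in-memory SQLite database are assumptions made for the demonstration.

```php
<?php
// Assumed schema (the id column is an assumption; the thread only shows User and Password):
//   CREATE TABLE user (id INTEGER PRIMARY KEY, User TEXT UNIQUE, Password TEXT)
// Password holds password_hash() output, never the plaintext.
function login(PDO $db, string $username, string $password): bool
{
    $stmt = $db->prepare('SELECT id, Password FROM user WHERE User = ?');
    $stmt->execute([$username]);               // bound parameter, no string interpolation
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['Password'])) {
        return false;
    }
    session_regenerate_id(true);               // fresh session id once authenticated
    $_SESSION['uid'] = (int) $row['id'];       // store the user id, not the credentials
    $_SESSION['authed'] = true;
    return true;
}

function changePassword(PDO $db, string $current, string $new): bool
{
    if (empty($_SESSION['authed'])) {
        return false;                          // only a logged-in user may change a password
    }
    $stmt = $db->prepare('SELECT Password FROM user WHERE id = ?');
    $stmt->execute([$_SESSION['uid']]);
    $hash = $stmt->fetchColumn();
    if ($hash === false || !password_verify($current, $hash)) {
        return false;                          // confirmation password did not match
    }
    $stmt = $db->prepare('UPDATE user SET Password = ? WHERE id = ?');
    return $stmt->execute([password_hash($new, PASSWORD_DEFAULT), $_SESSION['uid']]);
}

function logout(): void
{
    $_SESSION = [];                            // clear the data held for this request
    session_destroy();                         // remove the server-side session
}

// Constructed demo: one user "test" in an in-memory SQLite database.
session_start();
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE user (id INTEGER PRIMARY KEY, User TEXT UNIQUE, Password TEXT)');
$db->prepare('INSERT INTO user (User, Password) VALUES (?, ?)')
   ->execute(['test', password_hash('old-secret', PASSWORD_DEFAULT)]);
$ok1 = login($db, 'test', 'old-secret');
$ok2 = changePassword($db, 'old-secret', 'new-secret');
logout();
session_start();                               // new session for the next login attempts
var_dump($ok1, $ok2, login($db, 'test', 'old-secret'), login($db, 'test', 'new-secret'));
```

Because the session holds only the uid, the password change does not depend on a stale plaintext password stored at login time.
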
I'm not really worried about security. This will never be used with sensitive data or commercial use. Updating password doesn't work - but I assume that isn't because the query's bad, but rather because the sessions/form has a problem.

change line 89 to:

$query = "Update user SET Password = '$new_pass' WHERE User = '$_SESSION[username]' AND Password = '$_POST[password]'";

see if that works....

hmm... well, now it won't even show the edit password form. The session is like carried over. At the top it says:

Welcome Back, test, you are still logged in. Wrong username or password. Please try again.
*followed by login form*