Saturday, 15 June 2013

How to get started debugging a PHP script


I am pretty new to PHP, and debugging isn't familiar to me when it comes to PHP.

I am using PHP/JavaScript (AJAX) to change a user's password on the website. Basically, when I log in and try to change the password, the code breaks at the first echo. The password I am entering in the form does not match the password in the database. But I am using the same hash method and everything. If anyone has ideas, let me know. Thanks!

    if (isset($_POST["u"])) {
        $u = preg_replace('#[^a-z0-9]#i', '', $_GET['u']);
        // Hash the current and the new password sent by the form
        $oldpasshash = md5($_POST["cp"]);
        $newpasshash = md5($_POST["cnp"]);
        // Look up the stored record for this username
        $sql = "SELECT id, username, password FROM users WHERE username='$u' LIMIT 1";
        $query = mysqli_query($db_conx, $sql);
        $row = mysqli_fetch_row($query);
        $db_id = $row["id"];
        $db_username = $row["username"];
        $db_password = $row["password"];
        // Compare the stored hash with the hash of the current password
        if ($db_password != $oldpasshash) {
            echo "no_exist";
            exit();
        } else {
            $sql = "UPDATE users SET password='$newpasshash', username='$db_username' LIMIT 1";
            $query = mysqli_query($db_conx, $sql);
        }
        // Read the row back to confirm the new hash was stored
        $sql = "SELECT id, username, password FROM users WHERE username='$db_username' LIMIT 1";
        $query = mysqli_query($db_conx, $sql);
        $row = mysqli_fetch_row($query);
        $db_newpass = $row[3];
        if ($db_newpass == $newpasshash) {
            echo "success";
            exit();
        } else {
            echo "pass_failed";
            exit();
        }
    }

Look at the first 2 lines of code:

    if (isset($_POST["u"])) {
        $u = preg_replace('#[^a-z0-9]#i', '', $_GET['u']);

You check if $_POST['u'] isset but use $_GET['u'].

FYI, you are injecting $u straight into the MySQL statement; don't do this.
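The two points in the answer, as an added example that is not the asker's or the answerer's code: every field is read from the same source that was checked, and the username reaches MySQL only as a bound parameter. It goes beyond the answer by replacing md5() with password_hash()/password_verify(). It assumes that $db_conx is an open mysqli connection and that users.password holds password_hash() output; the function name change_password and the missing_field reply are hypothetical.

```php
<?php
// Added example. Assumptions: $db_conx is an open mysqli connection and
// users.password stores password_hash() output, not md5().
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // SQL errors throw

function change_password(mysqli $db_conx, array $post): string
{
    // Check and read each field from the same array (no $_POST/$_GET mix-up).
    foreach (['u', 'cp', 'cnp'] as $field) {
        if (!isset($post[$field]) || !is_string($post[$field])) {
            return 'missing_field'; // hypothetical reply, not in the original
        }
    }

    // Bound parameter: the username is never part of the SQL text.
    $stmt = $db_conx->prepare(
        'SELECT id, password FROM users WHERE username = ? LIMIT 1'
    );
    $stmt->bind_param('s', $post['u']);
    $stmt->execute();
    $stmt->bind_result($id, $storedHash);
    $found = $stmt->fetch(); // true, false on error, null when no row
    $stmt->close();

    // Same reply for an unknown user and a wrong current password.
    if (!$found || !password_verify($post['cp'], $storedHash)) {
        return 'no_exist';
    }

    // Update only the row that was just verified, keyed by its id.
    $newHash = password_hash($post['cnp'], PASSWORD_DEFAULT);
    $stmt = $db_conx->prepare('UPDATE users SET password = ? WHERE id = ?');
    $stmt->bind_param('si', $newHash, $id);
    $stmt->execute();
    $ok = $stmt->affected_rows === 1;
    $stmt->close();

    return $ok ? 'success' : 'pass_failed';
}

// Entry point for the AJAX request; $db_conx comes from the site's own setup.
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    echo change_password($db_conx, $_POST);
}
```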
