clears password instead of updating password/reset password

Question

I am trying to allow a user to change their password however instead of replacing the old password with new it removes/clears password field in the database. I am just testing interaction with the db therefore I am not yet using a model.

Controller

<?php
class My_account extends CI_Controller {
    public function index(){
        $this->load->view("vChangePassword");
    }

    public function change_password() {

        $this->load->library('form_validation');

        $this->form_validation->set_rules('cur_password','Current Password','required');
        $this->form_validation->set_rules('new_password','New Password','required');
        $this->form_validation->set_rules('con_password','Confirm Password',          'required[matches[new_password]');
        if ($this->form_validation->run()!= true){
            $this->load->view("vChangePassword");
        } else {
            $sql = $this->db->select("*")->from('users')->where('email',$this->session->userdata('email') )->get();
            foreach($sql->result() as $my_info) {
                $db_password = $my_info->password;
                $email = $my_info->email; 
            }
            if(md5($this->input->post('cur_password'))== $db_password){
                $fixed_password = md5($this->input->post('new_password')); 
                $fixed_password ='password';
                $this->db->where('email', $email)->update('users' ,$fixed_password );

                echo "Password has been updated!" ;    
             } else {
                 echo "Password is incorrect!";
             }
        }


    }
}

?>

My View

 <?php
echo form_open(base_url()."index.php/my_account/change_password")?>
<?php echo validation_errors();
?>
<table class=”table table-bordered”>
<tbody>
<tr>
<td><small><?php echo 'Old Password:';?></small></td>
<td><?php echo form_password("cur_password");?></td>
</tr>
<tr>
<td><small><?php echo 'New Password:';?></small></td>
<td><?php echo form_password("new_password");?></td>
</tr>
<tr>
<td><small><?php echo 'Confirm Password:';?></small></td>
<td><?php echo form_password("con_password");?></td>
</tr>
</tbody>
</table>
&nbsp;&nbsp;<div id=”some”style=”position:relative;”><button type=”submit” class=”btn    btn-primary”><i class=” icon-ok-sign icon-white”></i>&nbsp;Submit</button>
<?php
echo form_close();
?>

Answer 1

Take a look at these lines:

$fixed_password = md5($this->input->post('new_password'));
$fixed_password ='password';
$this->db->where('email', $email)->update('users' ,$fixed_password );

You assign the same variable 2 different values of which the last one is the one that will stick, ie $fixed_password will have the value password and no other no matter what the user enters. Second, take a look at the documentation for the ActiveRecord class in CodeIgniter found at http://ellislab.com/codeigniter/user-guide/database/active_record.html#update. From that you should be able to figure out how to call the update() method properly, it takes an associative array or an object as the second argument. I'd suggest using an array for this time as that would be easiest and it seems that's where you're headed. Hope it helps!

Answer 2

$this->db->where('email', $email)->update('users' ,$fixed_password );

This line looks wrong. It looks like you updated the user name instead of the password field.