haruncpi Posted November 20, 2012 Share Posted November 20, 2012 I have a login script in my site. After login in a user i wanna a user can change his password. So i added two input box and a submit button. newpassconfirmpass condition: if($newpass=$confirmpass){ what will be sql code for update his password. } Please any body help me. I am no expert in php and sql. Link to comment Share on other sites More sharing options...
Ingolme Posted November 20, 2012 Share Posted November 20, 2012 First of all, I'd ask for the old password before changing to a new one. If somebody hi-jacks the session they can lock a user out of their own account. You should read the SQL tutorial, the answer to your question is there. In fact, the answer is even in the PHP tutorial. Link to comment Share on other sites More sharing options...
haruncpi Posted November 21, 2012 Author Share Posted November 21, 2012 First of all, I'd ask for the old password before changing to a new one. If somebody hi-jacks the session they can lock a user out of their own account. You should read the SQL tutorial, the answer to your question is there. In fact, the answer is even in the PHP tutorial.user can recover his password by email. so i wanna just now how to change password in users active sessions time.with the condition which i had described in my post. please help me how will it be. Link to comment Share on other sites More sharing options...
Ingolme Posted November 21, 2012 Share Posted November 21, 2012 Use an SQL UPDATE query. I even linked to it in my previous post. http://www.w3schools.com/php/php_mysql_update.asp Link to comment Share on other sites More sharing options...
phpnoob Posted November 21, 2012 Share Posted November 21, 2012 I was made a nice website and i can tell how to make a good pass update script, but first i write how i was build my login security. in login.php, it have 2 way, cookie + session and the other have only session, in user table have session + cookie + ip column, session and cookie column have 32 lengh value, and before i log in the php make a random number and compress it to md5 and update both column, and after that create 1 session + cookie with that code, and it have a check.php, each browser freshing, it check all stat, cookie and session and ip address, and if something not match, then cookie and session will deleted.And now for the pass update, ingolme link just perfect for you, just don't forgot to put security in update script like in your reg script. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now