Password update

[haruncpi]

I have a login script in my site. After login in a user i wanna a user can change his password. So i added two input box and a submit button. newpassconfirmpass condition: if($newpass=$confirmpass){ what will be sql code for update his password. } Please any body help me. I am no expert in php and sql.

[Ingolme]

First of all, I'd ask for the old password before changing to a new one. If somebody hi-jacks the session they can lock a user out of their own account. You should read the SQL tutorial, the answer to your question is there. In fact, the answer is even in the PHP tutorial.

[haruncpi]

First of all, I'd ask for the old password before changing to a new one. If somebody hi-jacks the session they can lock a user out of their own account. You should read the SQL tutorial, the answer to your question is there. In fact, the answer is even in the PHP tutorial.

user can recover his password by email. so i wanna just now how to change password in users active sessions time.with the condition which i had described in my post. please help me how will it be.

[Ingolme]

Use an SQL UPDATE query. I even linked to it in my previous post. http://www.w3schools.com/php/php_mysql_update.asp

[phpnoob]

I was made a nice website and i can tell how to make a good pass update script, but first i write how i was build my login security. in login.php, it have 2 way, cookie + session and the other have only session, in user table have session + cookie + ip column, session and cookie column have 32 lengh value, and before i log in the php make a random number and compress it to md5 and update both column, and after that create 1 session + cookie with that code, and it have a check.php, each browser freshing, it check all stat, cookie and session and ip address, and if something not match, then cookie and session will deleted.And now for the pass update, ingolme link just perfect for you, just don't forgot to put security in update script like in your reg script.