PHP-and-MySQL/C4/User-Password-Change-Part-3/English-timed
From Script | Spoken-Tutorial
| Time | Narration |
| 00:03 | This is the 3rd part of my Change password tutorial. In this part, we’re going to change the password in the database. |
| 00:11 | We’ve already connected to our database up here. |
| 00:14 | We’re already connected here, so there’s no need to reconnect since that command has already been reissued. |
| 00:23 | I’ll create a new query called “$query change” and that will be equal to “mysql_ query()" function. |
| 00:30 | Now, this is a new bit of code. So, I will scroll down so that you can see it easily. |
| 00:36 | This is “UPDATE”. So I’m going to say UPDATE users - which, you can see is our table - so to update our "users" table. |
| 00:44 | I will say SET password equal to '$new password' |
| 00:51 | making sure I use inverted commas here. |
| 00:56 | Then I’ll say WHERE username is equal to the '$user' variable that I’ve got on my page currently. |
| 01:03 | Now this equates |
| 01:07 | to what we have in this column here. |
| 01:12 | So, since we’ve already processed our php session, |
| 01:18 | that is equal to "Alex". |
| 01:21 | This piece of code is basically saying “update the table, change the password to the new password entered by the user. – This is the password they want |
| 01:32 | and change this “WHERE” to Alex, |
| 01:37 | as this is equal to Alex. |
| 01:40 | So, this password will be changed because this "username" is equal to "Alex". |
| 01:45 | So, this starts with 900 and as soon as we change it, we can refresh this and check that it actually has been changed. |
| 01:56 | So I’ll just add a few more things. |
| 02:03 | Let’s just put this back, up here. |
| 02:06 | And I’ll kill the page and say die() and then say “Your password has been changed”. |
| 02:15 | Then I’ll put a link in saying “Return” and that’s going to return to the main page. |
| 02:23 | And that is “index.php”. |
| 02:27 | Before we kill the page, I’m going to destroy the session. |
| 02:31 | So, “session_destroy()”. |
| 02:33 | The reason being, once the users have changed their password, this link will take them back to the main page and this will destroy the session. |
| 02:42 | So, they’ll need to login again using the new password. |
| 02:59 | So, if we test this, remember in here, my current password is "abc" whose 'md5 hash' starts with 900. |
| 03:00 | And if I go back here, write my old password- "abc", my new password "123" and click Change password, we see that all the validation has been checked, our password has been changed and we get this message to return back to the main page. |
| 03:18 | Now if I try to go back to the member page, you will see that you must be logged in. Our session has been destroyed as we used our “session destroy()” function here. |
| 03:32 | And also, when I login again and type "abc" as my password which is my old password, we get an “Incorrect password” message. |
| 03:43 | If I try "123", "you’re in!" and evidence of this is shown in here. |
| 03:50 | Let’s just go back and click Browse. Let's scroll down and we can see that the password has been changed from 900 to 202. |
| 03:59 | Therefore this is a completely new hash and a completely new password. |
| 04:06 | So everything’s working fine. You can see that it is quite simple to do this. |
| 04:11 | All you need to do is learn your "sql" queries properly. I have tutorials on that too. |
| 04:18 | And you need to think logically about how to check your old password, and your two new passwords. |
| 04:24 | Obviously, when we did our registration, we had a limit for how big the password should be. |
| 04:31 | I’ll leave that to you to enter another check to see if the password should be bigger than 6 characters or no bigger than 25 characters. |
| 04:42 | So, really, there are a lot of checks you can do, but this is the basic skeleton for changing the password in php using a MySQL database. |
| 04:53 | Hope you enjoyed this. If you have any comments or questions please let me know. Also subscribe to video updates. |
| 05:01 | Thanks for watching! This is Harini, dubbing for the Spoken Tutorial Project. |
