PHP-and-MySQL/C4/User-Password-Change-Part-3/English
From Script | Spoken-Tutorial
Time | Narration |
---|---|
0:03 | This is the 3rd part of my “change password” tutorial. In this part, we’re going to change the password in the database. |
0:11 | We’ve already connected to our database up here. |
0:14 | We’re already connected here so there’s no need to reconnect, since that command has already been reissued. |
0:23 | I’ll create a new query called “query change” and that will be equal to “mysql query" function. |
0:30 | Now, this is a new bit of code. So I will scroll down so that you can see it easily. |
0:36 | This is “UPDATE”. So I’m going to say “UPDATE users” - which, you can see is our table - so to update our "users" table. |
0:44 | I will say “SET password equal to new password” |
0:51 | making sure I use inverted commas here. |
0:56 | Then I’ll say WHERE username is equal to the "user" variable that I’ve got on my page currently. |
1:03 | Now this equates |
1:07 | to what we have in this column here. |
1:12 | So since we’ve already processed our php session, |
1:18 | that is equal to "Alex". |
1:21 | This piece of code is basically saying “update the table, change the password to the new password entered by the user. – this is the password they want. |
1:32 | and change this “where” to Alex, |
1:37 | as this is equal to Alex. |
1:40 | So, this password will be changed because this username is equal to Alex. |
1:45 | So this starts with 900 and as soon as we change it, we can refresh this and check that it actually has been changed. |
1:56 | So I’ll just add a few more things |
2:03 | Let’s just put this back up here. |
2:06 | And I’ll kill the page and say “die” and then say “Your password has been changed”. |
2:15 | Then I’ll put a link in saying “return” and that’s going to return to the main page. |
2:23 | And that is “index.php”. |
2:27 | Before we kill the page, I’m going to destroy the session. |
2:31 | So “session destroy”. |
2:33 | The reason being, once the user has changed their password, this link will take them back to the main page, and this will destroy the session. |
2:42 | So they’ll need to login again using the new password. |
2:59 | So if we test this, remember in here, my current password is "abc" whose md5 hash starts with 900. |
3:00 | And if I go back here, write my old password- "abc", my new password "123" and click “change password”. , we see that all the validation has been checked, our password has been changed,, and we get this message to return back to the main page. |
3:18 | Now if I try to go back to the member page, you will see that you must be logged in. Our session has been destroyed, as we used our “session destroy” function here. |
3:32 | And also, when I login again and type "abc" as my password which is my old password, we get an “Incorrect password” message. |
3:43 | If I try "123", you’re in, and evidence of this is shown in here. |
3:50 | Let’s just go back and click “browse”. Lets scroll down and we can see that the password has been changed from 900 to 202. |
3:59 | Therefore this is a completely new hash and a completely new password. |
4:06 | So everything’s working fine. You can see that it is quite simple to do this. |
4:11 | All you need to do is learn your "sql" queries properly. I have tutorials on that, too. |
4:18 | And you need to think logically about how to check your old password, and your two new passwords, |
4:24 | Obviously when we did our registration, we had a limit for how big the password should be. |
4:31 | I’ll leave that to you to enter another check to see if the password should be bigger than 6 characters or no bigger than 25 characters. |
4:42 | So really there are a lot of checks you can do, but this is the basic skeleton for changing the password in php using a mysql database. |
4:53 | Hope you enjoyed this. If you have any comments or questions please let me know. Also subscribe to video updates. |
5:01 | Thanks for watching! This is Harini dubbing for the Spoken Tutorial Project. |