Difference between revisions of "PHP-and-MySQL/C4/User-Password-Change-Part-2/English-timed"
From Script | Spoken-Tutorial
(Created page with '{| border=1 !Time !Narration |- |0:00 |Welcome to the 2nd part of our “Change Password” tutorial. In the last one, we learnt how to check if our forms were submitted. |- |0…') |
|||
| Line 1: | Line 1: | ||
{| border=1 | {| border=1 | ||
| − | + | |'''Time''' | |
| − | + | |'''Narration''' | |
|- | |- | ||
| − | | | + | |00:00 |
|Welcome to the 2nd part of our “Change Password” tutorial. In the last one, we learnt how to check if our forms were submitted. | |Welcome to the 2nd part of our “Change Password” tutorial. In the last one, we learnt how to check if our forms were submitted. | ||
|- | |- | ||
| − | | | + | |00:09 |
| We’ve got our data values in here. | | We’ve got our data values in here. | ||
|- | |- | ||
| − | | | + | |00:13 |
|Please remember that inside our database, our passwords are encrypted. | |Please remember that inside our database, our passwords are encrypted. | ||
|- | |- | ||
| − | | | + | |00:18 |
|So, as soon as these fields are coming in, I will encrypt them into an md 5 hash. | |So, as soon as these fields are coming in, I will encrypt them into an md 5 hash. | ||
|- | |- | ||
| − | | | + | |00:27 |
|Make sure you put the brackets. | |Make sure you put the brackets. | ||
|- | |- | ||
| − | | | + | |00:35 |
|What I have highlighted here is our parameter. | |What I have highlighted here is our parameter. | ||
|- | |- | ||
| − | | | + | |00:38 |
|So, here we will have our md5 encrypted passwords. | |So, here we will have our md5 encrypted passwords. | ||
|- | |- | ||
| − | | | + | |00:43 |
|We will need to check this field to see whether they exist or not. | |We will need to check this field to see whether they exist or not. | ||
|- | |- | ||
| − | | | + | |00:51 |
|At the moment when we submit our form, we see that nothing really happens. | |At the moment when we submit our form, we see that nothing really happens. | ||
|- | |- | ||
| − | | | + | |00:57 |
|First I will say “check password against db” and then we have to connect to our database. | |First I will say “check password against db” and then we have to connect to our database. | ||
|- | |- | ||
| − | | | + | |01:08 |
|We have already connected to the database in several of these pages- like the Login page. | |We have already connected to the database in several of these pages- like the Login page. | ||
|- | |- | ||
| − | | | + | |01:15 |
|You can put this into a separate file, say, “include” and” include connect .php” with your one time login script in, so that you don’t have to keep typing it. | |You can put this into a separate file, say, “include” and” include connect .php” with your one time login script in, so that you don’t have to keep typing it. | ||
|- | |- | ||
| − | | | + | |01:29 |
|But for our tutorial's sake, I will keep typing it over and over again because this is a good way to learn. | |But for our tutorial's sake, I will keep typing it over and over again because this is a good way to learn. | ||
|- | |- | ||
| − | | | + | |01:35 |
|We type here - "connect = mysql_connect". | |We type here - "connect = mysql_connect". | ||
|- | |- | ||
| − | | | + | |01:40 |
|And we will be connecting to our local host database, with my username as root and my password as nothing, I am going to select my database. | |And we will be connecting to our local host database, with my username as root and my password as nothing, I am going to select my database. | ||
|- | |- | ||
| − | | | + | |01:50 |
|So that is “phplogin” which here. Lets go there and you can see it here. | |So that is “phplogin” which here. Lets go there and you can see it here. | ||
|- | |- | ||
| − | | | + | |01:58 |
|Our table is "users", which we can use later on. | |Our table is "users", which we can use later on. | ||
|- | |- | ||
| − | | | + | |02:01 |
|Next we will create a query to get the passwords. | |Next we will create a query to get the passwords. | ||
|- | |- | ||
| − | | | + | |02:05 |
|So I will type “ query get” which is equal to mysql.......... "mysql query" and here we will type "SELECT password" - We need to ascertain the password from the database "users". | |So I will type “ query get” which is equal to mysql.......... "mysql query" and here we will type "SELECT password" - We need to ascertain the password from the database "users". | ||
|- | |- | ||
| − | | | + | |02:26 |
|You can see here. This is the "users" table. | |You can see here. This is the "users" table. | ||
|- | |- | ||
| − | | | + | |02:31 |
|Then we type “Where username is equal to user”. This is our session variable holding our user’s user name. | |Then we type “Where username is equal to user”. This is our session variable holding our user’s user name. | ||
|- | |- | ||
| − | | | + | |02:39 |
|So, what we are doing is we are selecting our password hash from this table where the username is equal to the session name, and that is equal to “Alex”. | |So, what we are doing is we are selecting our password hash from this table where the username is equal to the session name, and that is equal to “Alex”. | ||
|- | |- | ||
| − | | | + | |02:49 |
|So, that should be a successful query. And you can type at the end “ or die "Query didn’t work”" - some error message. | |So, that should be a successful query. And you can type at the end “ or die "Query didn’t work”" - some error message. | ||
|- | |- | ||
| − | | | + | |02:59 |
|You can be a bit imaginative with these error messages and type what you like. | |You can be a bit imaginative with these error messages and type what you like. | ||
|- | |- | ||
| − | | | + | |03:08 |
|Same here. You can say “or die”. You can add your own error message in here but to save time, I am not going to right now. | |Same here. You can say “or die”. You can add your own error message in here but to save time, I am not going to right now. | ||
|- | |- | ||
| − | | | + | |03:17 |
|Now, we will use this slightly differently, before we use the "while" function to loop through every record in the data base. | |Now, we will use this slightly differently, before we use the "while" function to loop through every record in the data base. | ||
|- | |- | ||
| − | | | + | |03:25 |
|I was informed about this method through a comment someone posted. I will say "row = mysql_fetch_associative". And that‘s "query get" | |I was informed about this method through a comment someone posted. I will say "row = mysql_fetch_associative". And that‘s "query get" | ||
|- | |- | ||
| − | | | + | |03:41 |
|We will set “old password db” which is a new variable name . Don’t mistake this with the old password that has been submitted. | |We will set “old password db” which is a new variable name . Don’t mistake this with the old password that has been submitted. | ||
|- | |- | ||
| − | | | + | |03:50 |
|Our old password inside the database will be equal to our row. | |Our old password inside the database will be equal to our row. | ||
|- | |- | ||
| − | | | + | |03:55 |
|Remember this creates an array. | |Remember this creates an array. | ||
|- | |- | ||
| − | | | + | |03:58 |
|So this value is” password”, because inside our database, this is “password” here. You need to use the labels. | |So this value is” password”, because inside our database, this is “password” here. You need to use the labels. | ||
|- | |- | ||
| − | | | + | |04:06 |
|So from here on we can check our passwords. | |So from here on we can check our passwords. | ||
|- | |- | ||
| − | | | + | |04:08 |
|Checking our old passwords and our new passwords is just a simple “IF” statement. | |Checking our old passwords and our new passwords is just a simple “IF” statement. | ||
|- | |- | ||
| − | | | + | |04:16 |
|Lets type - if the old password is equal to the old password inside the database. | |Lets type - if the old password is equal to the old password inside the database. | ||
|- | |- | ||
| − | | | + | |04:25 |
|These are both md5 hashes because we converted them into an md5 hash earlier. | |These are both md5 hashes because we converted them into an md5 hash earlier. | ||
|- | |- | ||
| − | | | + | |04:30 |
|So, if they are equal then we’ll run a block of code, otherwise we’ll kill the page and say ” Old password doesn’t match!”. | |So, if they are equal then we’ll run a block of code, otherwise we’ll kill the page and say ” Old password doesn’t match!”. | ||
|- | |- | ||
| − | | | + | |04:44 |
|So here, assuming we’ve got through the first stage of our validation,- we checked the old password with to old password in the database - now we need to our two new passwords. | |So here, assuming we’ve got through the first stage of our validation,- we checked the old password with to old password in the database - now we need to our two new passwords. | ||
|- | |- | ||
| − | | | + | |04:57 |
|Now this is just as simple as typing “if new password is equal to repeat new password”, then we can write a block of code, otherwise we can just kill the page and say “ New passwords don’t match!”. | |Now this is just as simple as typing “if new password is equal to repeat new password”, then we can write a block of code, otherwise we can just kill the page and say “ New passwords don’t match!”. | ||
|- | |- | ||
| − | | | + | |05:20 |
|So here this is “success” and then we’ll say “change password in database”. | |So here this is “success” and then we’ll say “change password in database”. | ||
|- | |- | ||
| − | | | + | |05:31 |
|So now what I’ll do is echo out “success” and I’ll go back to my page. | |So now what I’ll do is echo out “success” and I’ll go back to my page. | ||
|- | |- | ||
| − | | | + | |05:38 |
|I’ll type my password wrong on purpose. So I’ll just type this. | |I’ll type my password wrong on purpose. So I’ll just type this. | ||
|- | |- | ||
| − | | | + | |05:41 |
|My new password I’ll type as "abc" and then clicking on “change password” we get the message "Old password doesn’t match!". | |My new password I’ll type as "abc" and then clicking on “change password” we get the message "Old password doesn’t match!". | ||
|- | |- | ||
| − | | | + | |05:49 |
|If I type "abc" as my old password, which it is, and "123" as my new password and random letters in the next, we should get.....Oh "Old password doesn’t match!" | |If I type "abc" as my old password, which it is, and "123" as my new password and random letters in the next, we should get.....Oh "Old password doesn’t match!" | ||
|- | |- | ||
| − | | | + | |06:00 |
|Lets go back and check the code. Old password......... row - password............ query get........ | |Lets go back and check the code. Old password......... row - password............ query get........ | ||
|- | |- | ||
| − | | | + | |06:13 |
|What we can do here to debug is just say “echo old password db” with a break on the end, and just say echo old password with another break. | |What we can do here to debug is just say “echo old password db” with a break on the end, and just say echo old password with another break. | ||
|- | |- | ||
| − | | | + | |06:31 |
|What we can do now is, run the script again, so old password equals "abc", new password equals "123" and then random letters. | |What we can do now is, run the script again, so old password equals "abc", new password equals "123" and then random letters. | ||
|- | |- | ||
| − | | | + | |06:44 |
|okay so let’s compare these. They both look the same to me, so we can see that we’ve got a problem here. | |okay so let’s compare these. They both look the same to me, so we can see that we’ve got a problem here. | ||
|- | |- | ||
| − | | | + | |06:50 |
|Again lets check the code. Checking for the spellings. | |Again lets check the code. Checking for the spellings. | ||
|- | |- | ||
| − | | | + | |07:15 |
|Ok I just found out the problem. If I go back to my database here, we see that I had added in this value myself and I had created this space at the end of this - you can see it highlighted in blue - I’ll just get rid of that quickly and I’ll come back to my page. | |Ok I just found out the problem. If I go back to my database here, we see that I had added in this value myself and I had created this space at the end of this - you can see it highlighted in blue - I’ll just get rid of that quickly and I’ll come back to my page. | ||
|- | |- | ||
| − | | | + | |07:33 |
|I’ll login again as usual and quickly change my password, I’ll put my old password in correctly and random text for my two new passwords. | |I’ll login again as usual and quickly change my password, I’ll put my old password in correctly and random text for my two new passwords. | ||
|- | |- | ||
| − | | | + | |07:45 |
|You can see that my two new passwords don’t match. | |You can see that my two new passwords don’t match. | ||
|- | |- | ||
| − | | | + | |07:49 |
|We've echoed this out already, so now we can delete this. | |We've echoed this out already, so now we can delete this. | ||
|- | |- | ||
| − | | | + | |07:53 |
|So assuming my passwords do match, let me echo this success message. | |So assuming my passwords do match, let me echo this success message. | ||
|- | |- | ||
| − | | | + | |07:58 |
|So let’s just delete these. I put them for debugging. | |So let’s just delete these. I put them for debugging. | ||
|- | |- | ||
| − | | | + | |08:02 |
|I’ll just type in my old password, my new passwords 123 and 123, click change password, and we’ve got success. | |I’ll just type in my old password, my new passwords 123 and 123, click change password, and we’ve got success. | ||
|- | |- | ||
| − | | | + | |08:10 |
|So I apologise for that last slip-up there. | |So I apologise for that last slip-up there. | ||
|- | |- | ||
| − | | | + | |08:18 |
|So in the 3rd part of this tutorial, we will continue with updating the user's password and just making sure everything’s working properly. | |So in the 3rd part of this tutorial, we will continue with updating the user's password and just making sure everything’s working properly. | ||
|- | |- | ||
| − | | | + | |08:29 |
|Thanks for watching. This is Joshwa Mathew dubbing for the Spoken Tutorial Project. | |Thanks for watching. This is Joshwa Mathew dubbing for the Spoken Tutorial Project. | ||
Revision as of 14:20, 10 July 2014
| Time | Narration |
| 00:00 | Welcome to the 2nd part of our “Change Password” tutorial. In the last one, we learnt how to check if our forms were submitted. |
| 00:09 | We’ve got our data values in here. |
| 00:13 | Please remember that inside our database, our passwords are encrypted. |
| 00:18 | So, as soon as these fields are coming in, I will encrypt them into an md 5 hash. |
| 00:27 | Make sure you put the brackets. |
| 00:35 | What I have highlighted here is our parameter. |
| 00:38 | So, here we will have our md5 encrypted passwords. |
| 00:43 | We will need to check this field to see whether they exist or not. |
| 00:51 | At the moment when we submit our form, we see that nothing really happens. |
| 00:57 | First I will say “check password against db” and then we have to connect to our database. |
| 01:08 | We have already connected to the database in several of these pages- like the Login page. |
| 01:15 | You can put this into a separate file, say, “include” and” include connect .php” with your one time login script in, so that you don’t have to keep typing it. |
| 01:29 | But for our tutorial's sake, I will keep typing it over and over again because this is a good way to learn. |
| 01:35 | We type here - "connect = mysql_connect". |
| 01:40 | And we will be connecting to our local host database, with my username as root and my password as nothing, I am going to select my database. |
| 01:50 | So that is “phplogin” which here. Lets go there and you can see it here. |
| 01:58 | Our table is "users", which we can use later on. |
| 02:01 | Next we will create a query to get the passwords. |
| 02:05 | So I will type “ query get” which is equal to mysql.......... "mysql query" and here we will type "SELECT password" - We need to ascertain the password from the database "users". |
| 02:26 | You can see here. This is the "users" table. |
| 02:31 | Then we type “Where username is equal to user”. This is our session variable holding our user’s user name. |
| 02:39 | So, what we are doing is we are selecting our password hash from this table where the username is equal to the session name, and that is equal to “Alex”. |
| 02:49 | So, that should be a successful query. And you can type at the end “ or die "Query didn’t work”" - some error message. |
| 02:59 | You can be a bit imaginative with these error messages and type what you like. |
| 03:08 | Same here. You can say “or die”. You can add your own error message in here but to save time, I am not going to right now. |
| 03:17 | Now, we will use this slightly differently, before we use the "while" function to loop through every record in the data base. |
| 03:25 | I was informed about this method through a comment someone posted. I will say "row = mysql_fetch_associative". And that‘s "query get" |
| 03:41 | We will set “old password db” which is a new variable name . Don’t mistake this with the old password that has been submitted. |
| 03:50 | Our old password inside the database will be equal to our row. |
| 03:55 | Remember this creates an array. |
| 03:58 | So this value is” password”, because inside our database, this is “password” here. You need to use the labels. |
| 04:06 | So from here on we can check our passwords. |
| 04:08 | Checking our old passwords and our new passwords is just a simple “IF” statement. |
| 04:16 | Lets type - if the old password is equal to the old password inside the database. |
| 04:25 | These are both md5 hashes because we converted them into an md5 hash earlier. |
| 04:30 | So, if they are equal then we’ll run a block of code, otherwise we’ll kill the page and say ” Old password doesn’t match!”. |
| 04:44 | So here, assuming we’ve got through the first stage of our validation,- we checked the old password with to old password in the database - now we need to our two new passwords. |
| 04:57 | Now this is just as simple as typing “if new password is equal to repeat new password”, then we can write a block of code, otherwise we can just kill the page and say “ New passwords don’t match!”. |
| 05:20 | So here this is “success” and then we’ll say “change password in database”. |
| 05:31 | So now what I’ll do is echo out “success” and I’ll go back to my page. |
| 05:38 | I’ll type my password wrong on purpose. So I’ll just type this. |
| 05:41 | My new password I’ll type as "abc" and then clicking on “change password” we get the message "Old password doesn’t match!". |
| 05:49 | If I type "abc" as my old password, which it is, and "123" as my new password and random letters in the next, we should get.....Oh "Old password doesn’t match!" |
| 06:00 | Lets go back and check the code. Old password......... row - password............ query get........ |
| 06:13 | What we can do here to debug is just say “echo old password db” with a break on the end, and just say echo old password with another break. |
| 06:31 | What we can do now is, run the script again, so old password equals "abc", new password equals "123" and then random letters. |
| 06:44 | okay so let’s compare these. They both look the same to me, so we can see that we’ve got a problem here. |
| 06:50 | Again lets check the code. Checking for the spellings. |
| 07:15 | Ok I just found out the problem. If I go back to my database here, we see that I had added in this value myself and I had created this space at the end of this - you can see it highlighted in blue - I’ll just get rid of that quickly and I’ll come back to my page. |
| 07:33 | I’ll login again as usual and quickly change my password, I’ll put my old password in correctly and random text for my two new passwords. |
| 07:45 | You can see that my two new passwords don’t match. |
| 07:49 | We've echoed this out already, so now we can delete this. |
| 07:53 | So assuming my passwords do match, let me echo this success message. |
| 07:58 | So let’s just delete these. I put them for debugging. |
| 08:02 | I’ll just type in my old password, my new passwords 123 and 123, click change password, and we’ve got success. |
| 08:10 | So I apologise for that last slip-up there. |
| 08:18 | So in the 3rd part of this tutorial, we will continue with updating the user's password and just making sure everything’s working properly. |
| 08:29 | Thanks for watching. This is Joshwa Mathew dubbing for the Spoken Tutorial Project. |
