Difference between revisions of "PHP-and-MySQL/C4/User-Password-Change-Part-2/English-timed"

From Script | Spoken-Tutorial
Jump to: navigation, search
Line 4: Line 4:
 
|-
 
|-
 
|00:00
 
|00:00
|Welcome to the 2nd part of our “Change Password” tutorial. In the last  one, we learnt how to check if our forms were submitted.  
+
|Welcome to the 2nd part of our '''Change Password''' tutorial. In the last  one, we learnt how to check if our '''forms''' were submitted.  
 
|-
 
|-
 
|00:09
 
|00:09
Line 13: Line 13:
 
|-
 
|-
 
|00:18
 
|00:18
|So, as soon as these fields are coming in,  I will encrypt them into an md 5 hash.
+
|So, as soon as these fields are coming in,  I will encrypt them into an '''md 5 hash'''.
 
|-
 
|-
 
|00:27
 
|00:27
Line 19: Line 19:
 
|-
 
|-
 
|00:35
 
|00:35
|What I have highlighted here is our parameter.
+
|What I have highlighted here is our '''parameter'''.
 
|-
 
|-
 
|00:38
 
|00:38
|So, here we will have our md5 encrypted passwords.
+
|So, here we will have our "md5" encrypted passwords.
 
|-
 
|-
 
|00:43
 
|00:43
|We will need to check this field to see whether they exist or not.   
+
|We will need to check this '''field''' to see whether they exist or not.   
 
|-
 
|-
 
|00:51
 
|00:51
|At the moment when we submit our form, we see that nothing really happens.
+
|At the moment when we submit our '''form''', we see that nothing really happens.
 
|-
 
|-
 
|00:57
 
|00:57
Line 34: Line 34:
 
|-
 
|-
 
|01:08
 
|01:08
|We have already connected to the database in several of these pages- like the Login page.
+
|We have already connected to the database in several of these pages- like the '''login''' page.
 
|-
 
|-
 
|01:15
 
|01:15
|You can put this into a separate file, say, “include” and” include connect .php”  with your one time login script in, so that you don’t have to keep typing it.
+
|You can put this into a separate file, say, “include” and '''include''' "connect .php”  with your one time login script in, so that you don’t have to keep typing it.
 
|-
 
|-
 
|01:29
 
|01:29
Line 43: Line 43:
 
|-
 
|-
 
|01:35
 
|01:35
|We type here - "connect = mysql_connect".
+
|We type here - "$connect = mysql_connect()".
 
|-
 
|-
 
|01:40
 
|01:40
|And we will be connecting to our local host database, with my username as root and my password as nothing, I am going to select my database.  
+
|And we will be connecting to our "local host" database, with my '''username''' as "root" and my password as nothing; I am going to select my database.  
 
|-
 
|-
 
|01:50
 
|01:50
|So that is “phplogin” which here.  Lets go there and you can see it here.
+
|So, that is “phplogin” which is here.  Let's go there and you can see it here.
 
|-
 
|-
 
|01:58
 
|01:58
|Our table is "users"which we can use later on.   
+
|Our '''table''' is "users" which we can use later on.   
 
|-
 
|-
 
|02:01
 
|02:01
|Next we will create a query to get the passwords.
+
|Next we will create a '''query''' to get the passwords.
 
|-
 
|-
 
|02:05
 
|02:05
|So I will type “ query get” which is equal to mysql.......... "mysql query" and here we will type "SELECT password" - We need to ascertain the password from the database "users".  
+
|So I will type “ $query get” which is equal to mysql.......... "mysql_query" and here we will type "SELECT password" - We need to ascertain the password from the database "users".  
 
|-
 
|-
 
|02:26
 
|02:26

Revision as of 12:57, 8 June 2015

Time Narration
00:00 Welcome to the 2nd part of our Change Password tutorial. In the last one, we learnt how to check if our forms were submitted.
00:09 We’ve got our data values in here.
00:13 Please remember that inside our database, our passwords are encrypted.
00:18 So, as soon as these fields are coming in, I will encrypt them into an md 5 hash.
00:27 Make sure you put the brackets.
00:35 What I have highlighted here is our parameter.
00:38 So, here we will have our "md5" encrypted passwords.
00:43 We will need to check this field to see whether they exist or not.
00:51 At the moment when we submit our form, we see that nothing really happens.
00:57 First I will say “check password against db” and then we have to connect to our database.
01:08 We have already connected to the database in several of these pages- like the login page.
01:15 You can put this into a separate file, say, “include” and include "connect .php” with your one time login script in, so that you don’t have to keep typing it.
01:29 But for our tutorial's sake, I will keep typing it over and over again because this is a good way to learn.
01:35 We type here - "$connect = mysql_connect()".
01:40 And we will be connecting to our "local host" database, with my username as "root" and my password as nothing; I am going to select my database.
01:50 So, that is “phplogin” which is here. Let's go there and you can see it here.
01:58 Our table is "users" which we can use later on.
02:01 Next we will create a query to get the passwords.
02:05 So I will type “ $query get” which is equal to mysql.......... "mysql_query" and here we will type "SELECT password" - We need to ascertain the password from the database "users".
02:26 You can see here. This is the "users" table.
02:31 Then we type “Where username is equal to user”. This is our session variable holding our user’s user name.
02:39 So, what we are doing is we are selecting our password hash from this table where the username is equal to the session name, and that is equal to “Alex”.
02:49 So, that should be a successful query. And you can type at the end “ or die "Query didn’t work”" - some error message.
02:59 You can be a bit imaginative with these error messages and type what you like.
03:08 Same here. You can say “or die”. You can add your own error message in here but to save time, I am not going to right now.
03:17 Now, we will use this slightly differently, before we use the "while" function to loop through every record in the data base.
03:25 I was informed about this method through a comment someone posted. I will say "row = mysql_fetch_associative". And that‘s "query get"
03:41 We will set “old password db” which is a new variable name . Don’t mistake this with the old password that has been submitted.
03:50 Our old password inside the database will be equal to our row.
03:55 Remember this creates an array.
03:58 So this value is” password”, because inside our database, this is “password” here. You need to use the labels.
04:06 So from here on we can check our passwords.
04:08 Checking our old passwords and our new passwords is just a simple “IF” statement.
04:16 Lets type - if the old password is equal to the old password inside the database.
04:25 These are both md5 hashes because we converted them into an md5 hash earlier.
04:30 So, if they are equal then we’ll run a block of code, otherwise we’ll kill the page and say ” Old password doesn’t match!”.
04:44 So here, assuming we’ve got through the first stage of our validation,- we checked the old password with to old password in the database - now we need to our two new passwords.
04:57 Now this is just as simple as typing “if new password is equal to repeat new password”, then we can write a block of code, otherwise we can just kill the page and say “ New passwords don’t match!”.
05:20 So here this is “success” and then we’ll say “change password in database”.
05:31 So now what I’ll do is echo out “success” and I’ll go back to my page.
05:38 I’ll type my password wrong on purpose. So I’ll just type this.
05:41 My new password I’ll type as "abc" and then clicking on “change password” we get the message "Old password doesn’t match!".
05:49 If I type "abc" as my old password, which it is, and "123" as my new password and random letters in the next, we should get.....Oh "Old password doesn’t match!"
06:00 Lets go back and check the code. Old password......... row - password............ query get........
06:13 What we can do here to debug is just say “echo old password db” with a break on the end, and just say echo old password with another break.
06:31 What we can do now is, run the script again, so old password equals "abc", new password equals "123" and then random letters.
06:44 okay so let’s compare these. They both look the same to me, so we can see that we’ve got a problem here.
06:50 Again lets check the code. Checking for the spellings.
07:15 Ok I just found out the problem. If I go back to my database here, we see that I had added in this value myself and I had created this space at the end of this - you can see it highlighted in blue - I’ll just get rid of that quickly and I’ll come back to my page.
07:33 I’ll login again as usual and quickly change my password, I’ll put my old password in correctly and random text for my two new passwords.
07:45 You can see that my two new passwords don’t match.
07:49 We've echoed this out already, so now we can delete this.
07:53 So assuming my passwords do match, let me echo this success message.
07:58 So let’s just delete these. I put them for debugging.
08:02 I’ll just type in my old password, my new passwords 123 and 123, click change password, and we’ve got success.
08:10 So I apologise for that last slip-up there.
08:18 So in the 3rd part of this tutorial, we will continue with updating the user's password and just making sure everything’s working properly.
08:29 Thanks for watching. This is Joshwa Mathew dubbing for the Spoken Tutorial Project.

Contributors and Content Editors

Gyan, Pratik kamble, Sandhya.np14