PHP-and-MySQL/C4/User-Password-Change-Part-3/English-timed
From Script | Spoken-Tutorial
Revision as of 14:22, 10 July 2014 by Pratik kamble (Talk | contribs)
| Time | Narration |
| 00:03 | This is the 3rd part of my “change password” tutorial. In this part, we’re going to change the password in the database. |
| 00:11 | We’ve already connected to our database up here. |
| 00:14 | We’re already connected here so there’s no need to reconnect, since that command has already been reissued. |
| 00:23 | I’ll create a new query called “query change” and that will be equal to “mysql query" function. |
| 00:30 | Now, this is a new bit of code. So I will scroll down so that you can see it easily. |
| 00:36 | This is “UPDATE”. So I’m going to say “UPDATE users” - which, you can see is our table - so to update our "users" table. |
| 00:44 | I will say “SET password equal to new password” |
| 00:51 | making sure I use inverted commas here. |
| 00:56 | Then I’ll say WHERE username is equal to the "user" variable that I’ve got on my page currently. |
| 01:03 | Now this equates |
| 01:07 | to what we have in this column here. |
| 01:12 | So since we’ve already processed our php session, |
| 01:18 | that is equal to "Alex". |
| 01:21 | This piece of code is basically saying “update the table, change the password to the new password entered by the user. – this is the password they want. |
| 01:32 | and change this “where” to Alex, |
| 01:37 | as this is equal to Alex. |
| 01:40 | So, this password will be changed because this username is equal to Alex. |
| 01:45 | So this starts with 900 and as soon as we change it, we can refresh this and check that it actually has been changed. |
| 01:56 | So I’ll just add a few more things |
| 02:03 | Let’s just put this back up here. |
| 02:06 | And I’ll kill the page and say “die” and then say “Your password has been changed”. |
| 02:15 | Then I’ll put a link in saying “return” and that’s going to return to the main page. |
| 02:23 | And that is “index.php”. |
| 02:27 | Before we kill the page, I’m going to destroy the session. |
| 02:31 | So “session destroy”. |
| 02:33 | The reason being, once the user has changed their password, this link will take them back to the main page, and this will destroy the session. |
| 02:42 | So they’ll need to login again using the new password. |
| 02:59 | So if we test this, remember in here, my current password is "abc" whose md5 hash starts with 900. |
| 03:00 | And if I go back here, write my old password- "abc", my new password "123" and click “change password”. , we see that all the validation has been checked, our password has been changed,, and we get this message to return back to the main page. |
| 03:18 | Now if I try to go back to the member page, you will see that you must be logged in. Our session has been destroyed, as we used our “session destroy” function here. |
| 03:32 | And also, when I login again and type "abc" as my password which is my old password, we get an “Incorrect password” message. |
| 03:43 | If I try "123", you’re in, and evidence of this is shown in here. |
| 03:50 | Let’s just go back and click “browse”. Lets scroll down and we can see that the password has been changed from 900 to 202. |
| 03:59 | Therefore this is a completely new hash and a completely new password. |
| 04:06 | So everything’s working fine. You can see that it is quite simple to do this. |
| 04:11 | All you need to do is learn your "sql" queries properly. I have tutorials on that, too. |
| 04:18 | And you need to think logically about how to check your old password, and your two new passwords, |
| 04:24 | Obviously when we did our registration, we had a limit for how big the password should be. |
| 04:31 | I’ll leave that to you to enter another check to see if the password should be bigger than 6 characters or no bigger than 25 characters. |
| 04:42 | So really there are a lot of checks you can do, but this is the basic skeleton for changing the password in php using a mysql database. |
| 04:53 | Hope you enjoyed this. If you have any comments or questions please let me know. Also subscribe to video updates. |
| 05:01 | Thanks for watching! This is Harini dubbing for the Spoken Tutorial Project. |
