PHP-and-MySQL/C4/User-Password-Change-Part-1/English-timed

From Script | Spoken-Tutorial
Jump to: navigation, search
Time Narration
00:00 Welcome. In this tutorial, we will talk about how users can change their password.
00:08 We will learn how to give the users the option to change their password if they want to.
00:13 This shouldn’t take too long. It will be covered in 3 parts.
00:18 We’ll give the user a form and ask the users to type their old password and their new password twice.
00:27 We will check their old password, the one that’s in the database.
00:31 Remember, they’re encrypted.
00:33 Then we will compare the two new passwords to see if they match, to see if they’ve made any mistake.
00:39 Next we will update the database using the sql codes.
00:44 So, first of all I will start my session on my "member" page. As you can see we’ve got our "session_start()" here.
00:53 I’ll just copy and paste that to the top of my page. So, we’ve started our session.
00:59 We need to use a variable called "$user" which will be equal to the '$_SESSION' that we’ve set over here.
01:09 First, we need to check that the users have logged in - this is the code I was talking about - before we start to change their password or let them change their password,
01:19 I’ll set this "user" variable as our "session" name which is here.
01:24 Okay, now we will say “ if the user exists”, we’ll let them change their password otherwise we kill the page and say “You must be logged in to change your password".
01:41 This is the block for “User is logged in”. So, assuming the user has logged in, after we’ve checked for the existence of the login, we need to give them a form to fill up.
01:49 I'll echo out our code here which will be our form. It’s a self- submitting form, so it’ll to go back to "change password dot php" and end the form here.
02:14 So, that's the page we are already on and so I’ll use a check to verify all the details.
02:21 The method of the form is POST because we don’t want to let any password information into the URL.
02:30 Next, we’ll create a few input boxes. First, “Old password:” which won't be a password type, so the entry won't be hidden. So, input type will be "text" and name will be "oldpassword".
02:48 I’ll put a paragraph break. Next is "New password:" and I will create an input type as "password" so that it is hidden from everyone. The name will be “new password”.
03:02 I'll put a line-break here. Now copy paste this sentence and make a few changes. The label here will be “Repeat new password” and the name will be "repeat new password" followed by a paragraph break.
03:23 Lastly we need a “submit" button. The name will be "submit", so we can check if that’s being pressed and the value will be "Change password".
03:33 Okay, so let’s go to our page. I’ll stick a link in the members’ page in order to help us change our password.
03:40 For now, I’ll just login using the details. My password at the moment is “abc" and my 'username' is “Alex”.
03:48 Click on Login. It says "Welcome Alex". Here is the member page. The session has been set. If we need to log out, we can log out. But we need another option to change our password.
04:01 So, we go back to our "member dot php" page and I’ll create another link
04:08 and that will be “Change password”.
04:11 And this will link to the “change password dot php".
04:14 So if we refresh this, we’ll get another option. Click here and we get our form that we had created earlier. I'll type my old password here and my new passwords in here.
04:26 Click "Change password" but nothing happens. So, we want to check whether this has been submitted or not. Delete this extra line here.
04:38 What we need to do is: create an if statement to say “if POST submit” which just means "has the user pressed this 'submit' button?". The name is 'submit', therefore we’ve got 'submit' written here.
04:52 And if the user has submitted then we start changing our password here.
04:59 Otherwise, if the user hasn’t submitted, we’re going to echo out this code here.
05:05 If the user hasn’t already submitted, then they’ll have to present with the form here, in order to submit the form.
05:12 Let’s go ahead and test this. What we’ll do here is echo out “test” to see if this works.
05:18 Let's go back and fill in. Actually we don’t need to fill anything. We will just click the submit button. And we get an echo of “test” to show that our form has been submitted successfully.
05:34 Ok, so we need to start changing the password. Delete this and here we will say “check fields”.
05:40 We’ve got a few variables that we need to set - our '$old password' which will be equal to 'POST' variable name “old password”. We have given that name down here in our form.
05:55 And I’ll just replicate these for each value that we are submitting.
06:00 Next one is “new password” and then we have “repeat new password”. We’ll just change these.
06:10 To make sure these are working and I do recommend you do this all the time, echo out “old password”, “new password” and ”repeat new password”.
06:25 It checks for the form existence, whether the form has been submitted and then we get our variables and our post variables into the variable name.
06:38 I’ll echo out what we’ve typed in the box, just to see if everything is working.
06:40 So, my old password is “abc” and my old password is “123”. Click Change password and we get abc, 123 and 123.
06:52 So, that form information has been submitted. There are no spelling mistakes. I can be confident that I can get my user to set up a new password.
07:00 I’m going to stop the tutorial now. In the next part, I'll teach how to check the old password against the new password in the database, how to check if the new password and the repeated password match and then to change the user’s password.
07:24 Thanks for watching. This is Joushwa Mathew, dubbing for the Spoken Tutorial project.

Contributors and Content Editors

Gyan, PoojaMoolya, Pratik kamble, Priyacst, Sandhya.np14