PHP-and-MySQL/C4/User-Password-Change-Part-3/English

From Script | Spoken-Tutorial
Jump to: navigation, search
Time Narration
0:03 This is the 3rd part of my “change password” tutorial. In this part, we’re going to change the password in the database.
0:11 We’ve already connected to our database up here.
0:14 We’re already connected here so there’s no need to reconnect, since that command has already been reissued.
0:23 I’ll create a new query called “query change” and that will be equal to “mysql query" function.
0:30 Now, this is a new bit of code. So I will scroll down so that you can see it easily.
0:36 This is “UPDATE”. So I’m going to say “UPDATE users” - which, you can see is our table - so to update our "users" table.
0:44 I will say “SET password equal to new password”
0:51 making sure I use inverted commas here.
0:56 Then I’ll say WHERE username is equal to the "user" variable that I’ve got on my page currently.
1:03 Now this equates
1:07 to what we have in this column here.
1:12 So since we’ve already processed our php session,
1:18 that is equal to "Alex".
1:21 This piece of code is basically saying “update the table, change the password to the new password entered by the user. – this is the password they want.
1:32 and change this “where” to Alex,
1:37 as this is equal to Alex.
1:40 So, this password will be changed because this username is equal to Alex.
1:45 So this starts with 900 and as soon as we change it, we can refresh this and check that it actually has been changed.
1:56 So I’ll just add a few more things
2:03 Let’s just put this back up here.
2:06 And I’ll kill the page and say “die” and then say “Your password has been changed”.
2:15 Then I’ll put a link in saying “return” and that’s going to return to the main page.
2:23 And that is “index.php”.
2:27 Before we kill the page, I’m going to destroy the session.
2:31 So “session destroy”.
2:33 The reason being, once the user has changed their password, this link will take them back to the main page, and this will destroy the session.
2:42 So they’ll need to login again using the new password.
2:59 So if we test this, remember in here, my current password is "abc" whose md5 hash starts with 900.
3:00 And if I go back here, write my old password- "abc", my new password "123" and click “change password”. , we see that all the validation has been checked, our password has been changed,, and we get this message to return back to the main page.
3:18 Now if I try to go back to the member page, you will see that you must be logged in. Our session has been destroyed, as we used our “session destroy” function here.
3:32 And also, when I login again and type "abc" as my password which is my old password, we get an “Incorrect password” message.
3:43 If I try "123", you’re in, and evidence of this is shown in here.
3:50 Let’s just go back and click “browse”. Lets scroll down and we can see that the password has been changed from 900 to 202.
3:59 Therefore this is a completely new hash and a completely new password.
4:06 So everything’s working fine. You can see that it is quite simple to do this.
4:11 All you need to do is learn your "sql" queries properly. I have tutorials on that, too.
4:18 And you need to think logically about how to check your old password, and your two new passwords,
4:24 Obviously when we did our registration, we had a limit for how big the password should be.
4:31 I’ll leave that to you to enter another check to see if the password should be bigger than 6 characters or no bigger than 25 characters.
4:42 So really there are a lot of checks you can do, but this is the basic skeleton for changing the password in php using a mysql database.
4:53 Hope you enjoyed this. If you have any comments or questions please let me know. Also subscribe to video updates.
5:01 Thanks for watching! This is Harini dubbing for the Spoken Tutorial Project.

Contributors and Content Editors

Chandrika, Pravin1389