I have the following code and I need to know it if would work because i don't have the time to test.
<?
session_start();
if ( empty( $first_name ) ) {
?> Welcome Guest, You Can Login <a href="tlogin.php">Here</a>, Or Signup For Your
Free Account <a href="join_form.php">Here</a>
<?
} else { include 'db.php'; echo "Welcome,
". $_SESSION['first_name'] ."";
?>
<html>
<head>
<title>Change Pass</title>
</head>
<body>
<form name=form1 method=post action=changepass1.php>
<table width=100% border=0 cellpadding=4 cellspacing=0>
<tr>
<td width=24% align=left valign=top>Old Password</td>
<td width=76%><input name=oldpass type=text id=oldpass></td>
</tr>
<tr>
<td align=left valign=top>New Pass</td>
<td><input name=newpass type=text id=newpass></td>
</tr>
<tr>
<td align=left valign=top>New Pass(again)</td>
<td><input name=newpass2 type=text id=newpass2></td>
</tr>
<tr>
<td align=left valign=top> </td>
<td><input type=submit name=Submit value=Change></td>
</tr>
</table>
</form>
</body>
</html>
Then for the check pass is here
<?
include("db.php");
$oldpasspass = $_POST["oldpasspass"];
$newpass = $_POST["newpass"];
$newpass2 = $_POST["newpass1"];
if ((!$oldpasspass) || (!$newpass) || (!$newpass2)) {
echo "You forgot to enter some of the required information.";
if (!$oldpasspass) {
echo "You have to enter an old password!";
}
if (!$newpass) {
echo "You have to enter a new password!";
}
if (!$newpass2) {
echo "You have to retype your new password!";
}
exit();
}
if (($newpass) != ($newpass2)) {
die("Your new passwords don't match!");
}
$password = $newpass;
$decrypted_pass = $newpass;
$password = md5($password);
$username = $_SESSION['username'];
// connect to database
include("connect.php");
$query = "UPDATE users SET
password='$password'
WHERE username='$username'";
if ($result = mysql_query($query)){
echo "password changed<br>";
} else {echo "error changing password";}
?>
so should work in theory right.
