Specifications
display_user_menu();
do_html_footer();
exit;
}
else
{
if ($new_passwd!=$new_passwd2)
echo “Passwords entered were not the same. Not changed.”;
else if (strlen($new_passwd)>16 || strlen($new_passwd)<6)
echo “New password must be between 6 and 16 characters. Try again.”;
else
{
// attempt update
if (change_password($valid_user, $old_passwd, $new_passwd))
echo “Password changed.”;
else
echo “Password could not be changed.”;
}
}
display_user_menu();
do_html_footer();
?>
This script checks that the user is logged in (using check_valid_user()), that they’ve filled
out the password form (using filled_out()), and that the new passwords are the same and the
right length. None of this is new. If all that goes well, it will call the change_password()
function as follows:
if (change_password($valid_user, $old_passwd, $new_passwd))
echo “Password changed.”;
else
echo “Password could not be changed.”;
This function is from our user_auth_fns.php library, and the code for it is shown in Listing
24.16.
LISTING 24.16 change_password() Function from user_auth_fns.php—This Function
Attempts to Update a User Password in the Database
function change_password($username, $old_password, $new_password)
// change password for username/old_password to new_password
Building Practical PHP and MySQL Projects
P
ART V
520
LISTING 24.15 Continued
30 7842 ch24 3/6/01 3:34 PM Page 520