WintersDance
said...
<
i>
Try something
like this:
Change Form:
<BR><f
ont
size=1><u
>Code:</u
><BR>&
lt;div
name="div
_box"
class="di
vCode">
;
<form
action="&
lt;? echo
$PHP_SELF;
?>"
method=post>
<input
type="hid
den"
name="use
rname"
value="&l
t;?php echo
$_SESSION['use
rname'];
?>">
;
<table>
<tr><t
d
colspan=2>&l
t;p>Change
Password</td
></tr>
<tr><t
d><p>O
ld
password:</t
d>
<td><i
nput
type="pas
sword"
name="old
_password"
; size=16
maxlength=16>
;</td><
;/tr>
<tr><t
d><p>N
ew
password:</t
d>
<td><i
nput
type="pas
sword"
name="new
_password"
; size=16
maxlength=16>
;</td><
;/tr>
<tr><t
d
colspan=2>&l
t;input
name="sub
mit"
type="sub
mit"
value="Ch
ange
password"
>
</td><
/tr>
</table>
</form>
and in your
header:
<BR><f
ont
size=1><u
>Code:</u
><BR>&
lt;div
name="div
_box"
class="di
vCode">
;
function
change_member_p
assword($userna
me,
$old_password,
$new_password)
{
//First
check if
username &
password match
in database.
$result =
mysql_query(&q
uot;SELECT *
from members
WHERE username
= '$username'
and
user_password =
'".md5($
_POST['old_pas
sword']).&quo
t;'"

;
if
(!$result)
//return
false;
echo
"<p
style=\"
color:white\&
quot;>cannot
match at
database"
;
//exit;
if
(mysql_num_rows
($result)>0)
{
// if the
old password is
right, change
their password
to new_password
and return true
$result =
mysql_query(&q
uot;UPDATE
members SET
user_password =
'".md5($
_POST['new_pas
sword']).&quo
t;' where
username =
'$username'&
quot

;
if
(!$result) {
echo
"Password
could not be
updated";
} //
not changed
else {
echo
"Password
successfully
changed";
} //
changed
successfully
}
else {
echo
"Old
Password not
correct."
;
} // Wrong
old password
}
if(isset($HTTP
_POST_VARS['su
bmit']))
{
change_member_p
assword($_POST[
'username'],
$_POST['old_pa
ssword'],
$_POST['new_pa
ssword']);
}