$pageTitle="Change Password"; include($_SERVER['DOCUMENT_ROOT'] . "/template/header.php"); //check for the variables if($_POST['username'] && $_POST['oldp'] && validate_password($_POST['newp1']) && validate_password($_POST['newp2']) && $_POST['newp1']==$_POST['newp2']){ $username=$_POST['username']; $oldp=$_POST['oldp']; $newp1=$_POST['newp1']; $newp2=$_POST['newp2']; $queryString="UPDATE Members SET password=MD5('$newp1') WHERE username='$username' AND password=MD5('$oldp') LIMIT 1"; $result=database_query($queryString); if($result){ //success echo "
Your password has been updated. You can now log in using this new password.
\n"; } else{ //failure echo "We could not update your password. While it could be a technical problem the most likely cause is that you provided the wrong current password. Please try again.
\n"; } } elseif($_POST['username'] && $_POST['oldp'] && $_POST['newp1']!=$_POST['newp2']){ echo "You did not correctly enter the same new password twice. Please try again.
\n"; } else{ //nothing was submitted so just show the form //echo "You failed to supply all the required fields or your new password does not follow the rules (6-24 character, only letters and numbers) or you did not correctly enter the same new password twice. Please try again.
\n"; } ?>To change your password enter your username, current password, and then what you want the new password to be.
include($_SERVER['DOCUMENT_ROOT'] . "/template/footer.php"); ?>