ok i got this peculiar error, i created a user registration panel with php which works fine & users can log in bt the changepassword.php is getting on my nerves, YES users can chnge their passwords but my code for PASSWORD MUST BE WITHIN 6-25 CHARACTERS is not working, I dunno if I have put the code in the wrong place, would you please check it out, whenever i put a new password, whether its less than 6 or greater than 6 or 25, its always showing “Password must be within 6-25”. & yeah if i remove the code user can register with any length of code. HELP please!
I’ve marked out the code below!
<?php
session_start();
$user = $_SESSION['username'];
if ($user)
{
//user is logged in
if ($_POST['submit'])
{
//check fields
$oldpassword = md5($_POST['oldpassword']);
$newpassword = md5($_POST['newpassword']);
$repeatnewpassword = md5($_POST['repeatnewpassword']);
//check pass against db
$connect = mysql_connect("localhost","root","");
mysql_select_db("phplogin");
$queryget = mysql_query("SELECT password FROM users WHERE username='$user'") or die("Query didn't work");
$row = mysql_fetch_assoc($queryget);
$oldpassworddb = $row['password'];
//check pass
if ($oldpassword==$oldpassworddb)
{
//check twonew pass
if ($newpassword==$repeatnewpassword)
{
//success
//change pass in db
if (strlen($newpassword)>25||strlen($newpassword)<6) <---------------Here is the code
{
echo "Password must be betwwen 6 & 25";
}
else
{
$querychange = mysql_query("
UPDATE users SET password='$newpassword' WHERE username='$user'
");
session_destroy();
die("Your pass has benn changed.<a href='index.php'>Return</a> to the main page");
}
}
else
die("New Pass don't match");
}
else
die("Old Pass doesn't match");
}
else
{
echo "
<form action='changepassword.php' method='POST'>
Old password: <input type='text' name='oldpassword'><p>
New password: <input type='password' name='newpassword'><p><br>
Repeat new password: <input type='password' name='repeatnewpassword'><p>
<input type='submit' name='submit' value='Change Password'>
</form>
";
}
}
else
die("You must be logged in to change your password");
?>