username and passwor protected webpage using php and mysql

Question

juner4 0 Newbie Poster

15 Years Ago

Hello im juner, a new php developer, i already finished with a register.php, login.php file. My problem is when the main.php is accessable after login by correct username and password stored in mysql database, the main.php composed of the following link:
changepassword.php
addsponsor.php
deletesponsor.php

when i click the changepassword.php link then the changepassword.php is not protected with the inputted username and password in login.php.

what i am asking now is, is there anybody has the idea with this problem? im about a month of searching in the internet but i never found a solution so help me.

mysql php

3 Contributors
4 Replies
156 Views
1 Day Discussion Span
Latest Post 15 Years Ago Latest Post by DangerDev

DangerDev 107 Posting Pro in Training

15 Years Ago

are you asking about how to send user name and password to server with security ?

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

chrishea 182 Nearly a Posting Virtuoso · Answer 1 · 2009-08-12T03:34:11+00:00

If you want changepassword to be able to check and/or change the password then you will need to make the current id and password available or at least set a flag to show that the user is properly logged in. You will want to save this as a SESSION variable so you can access it in any module that needs it.

juner4 0 Newbie Poster · Answer 2 · 2009-08-12T07:32:25+00:00

Yes what i want is to send the username and password to the changepassword.php without another login because that case i already logged in main.php which composed of the changepassword.php link. when i click the changepassword link the username and password will be send also for the security of the changepassword.php link.

i am hoping for your help. thank for the reply.

DangerDev 107 Posting Pro in Training · Answer 3 · 2009-08-12T10:04:36+00:00

during changing password you dont have to send user name and password to client, instead just ask current password and new password to the user, take those password to server and validate the current password, if current password is matching, reset the new password.