Code:
<?php include('info.php'); session_start(); if(!isset($_SESSION['UserID'])){header("location:index.php");} $opw=ms_escape_string(htmlentities($_POST["oldpw"])); $npw=ms_escape_string(htmlentities($_POST["newpw"])); $UserID=$_SESSION["UserID"]; $res= mssql_query("SELECT * FROM PS_UserData.dbo.Users_Master WHERE UserID='".$UserID."' AND Pw='".$opw."'"); if(mssql_num_rows($res)==0){$_SESSION["msg"]='Couldn\'t change the password. Please provide the correct old Password';} else { mssql_query("UPDATE PS_UserData.dbo.Users_Master SET Pw='".$npw."' WHERE UserID='".$UserID."'"); $_SESSION["msg"]="Password changed. Please allow up to 1 minute for the changes to be made into the database."; } header("location:usercp.php"); ?>
I need to edit some lines not to allow more than 13 and less than 3 .
Like
Code:
if(mssql_num_rows($npw)< 3){$_SESSION["msg"]='New password must be between 3 and 13 characters in length.;} else if(mssql_num_rows($npw)> 13){$_SESSION["msg"]='New password must be between 3 and 13 characters in length.';}