Search the Community

Hello, I'm creating a change password script and my problem is the lenght of the password (strlen). For example if the user add 1 character as his password i will be correct and then his password will be changed. I want to be the lenght of the password longer than 6 characters, here is my script: <?php session_start(); $username = @$_SESSION['username']; $form = "<form action='changepass.php' method='POST'> Current password: <input type='text' name='c_password'><br /> New password: <input type='password' name='n_password'><br /> Re-enter new password: <input type='password' name='rn_password'><br /> <input type='submit' name='submit' value='Change password'><br /> </form>"; if($_SESSION['username']){ if(isset($_POST['submit'])){ $connect = mysql_connect("localhost", "**********", "**********"); mysql_select_db("**********"); $query = mysql_query("SELECT password FROM users2 WHERE username='".$username."'"); $row = mysql_fetch_assoc($query); $c_password = sha1(@$_POST['c_password']); $n_password = sha1(@$_POST['n_password']); $rn_password = sha1(@$_POST['rn_password']); $c_password_db = $row['password']; if(isset($_POST['c_password']) && !empty($_POST['c_password'])&&isset($_POST['n_password']) && !empty($_POST['n_password'])&&isset($_POST['rn_password']) && !empty($_POST['rn_password'])){ if($c_password==$c_password_db){ if($n_password==$rn_password){ if(strlen($n_password) < 6 || strlen($rn_password) < 6){ die("The lengh of the new password must be longer than 6!"); }else{ $querychange = mysql_query("UPDATE users2 SET password='".$n_password."' WHERE username='".$username."'"); session_destroy(); die("Your password has been changed. <a href='member.php'>Return</a>"); } }else{ die("Your new password do not match!").mysql_error(); } }else{ echo "Your current password do not match!"; } }else{ die("Please fill in all the fields!"); } }else{ echo $form; } }else{ die("You must be logged in to change your password!"); } ?> Any help will be appriciated Thanks