[SOLVED] Seeking Advice on Myaccount.php Logic Design

limitphp · January 23, 2009

I'm creating a simple music site. The myaccount.php, as of right now, will just allow users to update their passwords and security questions/answers.

Should I have require them to put in their current passwords and security answers to update their passwords/security questions/answers, or just let them update it without putting in their current passwords/security answers?

premiso · January 23, 2009

I make them enter their current password, incase they did a cookie hack to get in the site.

aebstract · January 23, 2009

I would probably also have a validation link sent to the email on the account. Be a personal preference though.

revraz · January 23, 2009

I would think as a minimum you would want them to enter their old PW.

limitphp · January 23, 2009

thanks guys....

I'll make them input their current password to change stuff, and then I'll send them an email letting them know about the changes.

Sign In

[SOLVED] Seeking Advice on Myaccount.php Logic Design

Recommended Posts

limitphp

Link to comment

Share on other sites

premiso

Link to comment

Share on other sites

aebstract

Link to comment

Share on other sites

revraz

Link to comment

Share on other sites

limitphp

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information