User visits change password page > then show field for Current Password & new password fields > enter correct current password & fill in new password > success password changed
Im wondering, how to make it like this:
User Visits change password page > then show 1st form (secret question & secret answer) > if secret question & answer fields are given correct > Give access & redirect to/or show second form (with current password & new password fields)
What is the way to do it so users are required to enter correct answers to the first form to get some sort of unique authentication before they're able to change their password? So they can't just bypass/access the change password form?
Answer
Solution:
SOLVED! Thanks @Stefino76 (from my previous post)
I used $_SESSION variable to store & compare data from database.