oci_password_change
Changes password of Oracle's user
Description
bool oci_password_change(
resource $connection
,
string $username
,
string $old_password
,
string $new_password
)
resource oci_password_change(
string $database_name
,
string $username
,
string $old_password
,
string $new_password
)
The oci_password_change function is most useful for PHP command-line scripts,
or when non-persistent connections are used throughout the PHP application.
Parameters
-
connection
-
An Oracle connection identifier, returned by
oci_connect or oci_pconnect.
-
username
-
The Oracle user name.
-
old_password
-
The old password.
-
new_password
-
The new password to be set.
-
database_name
-
The database name.
Return Values
When database_name
is provided, oci_password_change returns true
on success,
or false
on failure. When connection
is provided, oci_password_change returns
the connection resource on success, or false
on failure.
Examples
Example #1 oci_password_change example changing the password of an already connected user
<?php
$dbase = 'localhost/orcl';
$user = 'cj';
$current_pw = 'welcome';
$new_pw = 'geelong';
$c = oci_pconnect($user, $current_pw, $dbase);
oci_password_change($c, $user, $current_pw, $new_pw);
echo "New password is : " . $new_pw . "\n";
?>
Example #2 oci_password_change example of connecting and changing the password in one step
<?php
$dbase = 'localhost/orcl';
$user = 'cj';
$current_pw = 'welcome';
$new_pw = 'geelong';
$c = oci_pconnect($user, $current_pw, $dbase);
if (!$c) {
$m = oci_error();
if ($m['code'] == 28001) { // "ORA-28001: the password has expired"
// Login and reset password at the same time
$c = oci_password_change($dbase, $user, $current_pw, $new_pw);
if ($c) {
echo "New password is : " . $new_pw . "\n";
}
}
}
if (!$c) { // The original error wasn't 28001, or the password change failed
$m = oci_error();
trigger_error('Could not connect to database: '. $m['message'], E_USER_ERROR);
}
// Use the connection $c
// ...
?>
Notes
Note:
Changing the password either with this function or directly in
Oracle should be done carefully. This is because PHP applications
may continue to successfully reuse persistent connections by
authenticating with the old password. The best practice is to
restart all web servers whenever the user password is changed.
Note:
If upgrading the Oracle client libraries or the database from a release prior to 11.2.0.3
to version 11.2.0.3 or higher, oci_password_change may give the
error "ORA-1017: invalid username/password" unless both client and server versions are upgraded at
the same time.
Note:
The second oci_password_change syntax is available
since OCI8 version 1.1.