OCI8 Functions
PHP Manual

oci_password_change

Changes password of Oracle's user

Description

bool oci_password_change(
    resource $connection,
    string $username,
    string $old_password,
    string $new_password
)
resource oci_password_change(
    string $database_name,
    string $username,
    string $old_password,
    string $new_password
)

Changes password for user with username.

The oci_password_change function is most useful for PHP command-line scripts, or when non-persistent connections are used throughout the PHP application.

Parameters

connection

An Oracle connection identifier, returned by oci_connect or oci_pconnect.

username

The Oracle user name.

old_password

The old password.

new_password

The new password to be set.

database_name

The database name.

Return Values

When database_name is provided, oci_password_change returns true on success, or false on failure. When connection is provided, oci_password_change returns the connection resource on success, or false on failure.

Examples

Example #1 oci_password_change example changing the password of an already connected user

<?php

$dbase      = 'localhost/orcl';
$user       = 'cj';
$current_pw = 'welcome';
$new_pw     = 'geelong';

$c = oci_pconnect($user, $current_pw, $dbase);
oci_password_change($c, $user, $current_pw, $new_pw);
echo "New password is : " . $new_pw . "\n";

?>

Example #2 oci_password_change example of connecting and changing the password in one step

<?php

$dbase      = 'localhost/orcl';
$user       = 'cj';
$current_pw = 'welcome';
$new_pw     = 'geelong';

$c = oci_pconnect($user, $current_pw, $dbase);
if (!$c) {
    $m = oci_error();
    if ($m['code'] == 28001) { // "ORA-28001: the password has expired"
        // Login and reset password at the same time
        $c = oci_password_change($dbase, $user, $current_pw, $new_pw);
        if ($c) {
            echo "New password is : " . $new_pw . "\n";
        }
    }
}

if (!$c) {  // The original error wasn't 28001, or the password change failed
    $m = oci_error();
    trigger_error('Could not connect to database: '. $m['message'], E_USER_ERROR);
}

// Use the connection $c
// ...

?>

Notes

Note:

Changing the password either with this function or directly in Oracle should be done carefully. This is because PHP applications may continue to successfully reuse persistent connections by authenticating with the old password. The best practice is to restart all web servers whenever the user password is changed.

Note:

If upgrading the Oracle client libraries or the database from a release prior to 11.2.0.3 to version 11.2.0.3 or higher, oci_password_change may give the error "ORA-1017: invalid username/password" unless both client and server versions are upgraded at the same time.

Note:

The second oci_password_change syntax is available since OCI8 version 1.1.