oci_password_change
(PHP 5, PHP 7, PHP 8, PECL OCI8 >= 1.1.0)
oci_password_change — Changes password of Oracle's user
Description
resource
$connection,string
$username,string
$old_password,string
$new_password): bool
string
$database_name,string
$username,string
$old_password,string
$new_password): resource
Changes password for user with username.
The oci_password_change() function is most useful for PHP command-line scripts, or when non-persistent connections are used throughout the PHP application.
Parameters
-
connection -
An Oracle connection identifier, returned by oci_connect() or oci_pconnect().
-
username -
The Oracle user name.
-
old_password -
The old password.
-
new_password -
The new password to be set.
-
database_name -
The database name.
Return Values
When connection is provided, oci_password_change() returns true on success,
or false on failure When connection is provided, oci_password_change() returns
the connection resource on success, or false on failure
Examples
Example #1 oci_password_change() example changing the password of an already connected user
<?php
$dbase = 'localhost/orcl';
$user = 'cj';
$current_pw = 'welcome';
$new_pw = 'geelong';
$c = oci_pconnect($user, $current_pw, $dbase);
oci_password_change($c, $user, $current_pw, $new_pw);
echo "New password is : " . $new_pw . "\n";
?>
Example #2 oci_password_change() example of connecting and changing the password in one step
<?php
$dbase = 'localhost/orcl';
$user = 'cj';
$current_pw = 'welcome';
$new_pw = 'geelong';
$c = oci_pconnect($user, $current_pw, $dbase);
if (!$c) {
$m = oci_error();
if ($m['code'] == 28001) { // "ORA-28001: the password has expired"
// Login and reset password at the same time
$c = oci_password_change($dbase, $user, $current_pw, $new_pw);
if ($c) {
echo "New password is : " . $new_pw . "\n";
}
}
}
if (!$c) { // The original error wasn't 28001, or the password change failed
$m = oci_error();
trigger_error('Could not connect to database: '. $m['message'], E_USER_ERROR);
}
// Use the connection $c
// ...
?>
Notes
Note:
Changing the password either with this function or directly in Oracle should be done carefully. This is because PHP applications may continue to successfully reuse persistent connections by authenticating with the old password. The best practice is to restart all web servers whenever the user password is changed.
Note:
If upgrading the Oracle client libraries or the database from a release prior to 11.2.0.3 to version 11.2.0.3 or higher, oci_password_change() may give the error "ORA-1017: invalid username/password" unless both client and server versions are upgraded at the same time.
Note:
The second oci_password_change() syntax is available since OCI8 version 1.1.
Note:
In PHP versions before 5.0.0 you must use ocipasswordchange() instead. This name still can be used, it was left as alias of oci_password_change() for downwards compatability. This, however, is deprecated and not recommended.
