Need help to add value check from database

I want to add additional value check from database, field is Scode from table Login, and if the value is true form pwd field and Scode (value in Scode isnt encoded, there are just numbers) then to continue with password change, this is my present php code:

[code]

<?php function encode($password) { $EncTable = array('!'=>'95', '"'=>'88', '#'=>'9D', '$'=>'4C', '%'=>'F2', '&'=>'3E', '''=>'BB', '('=>'C0', ')'=>'7F', '*'=>'18', '+'=>'70', ','=>'A6', '-'=>'E2', '.'=>'EC', '/'=>'77', '0'=>'2C', '1'=>'3A', '2'=>'4A', '3'=>'91', '4'=>'5D', '5'=>'7A', '6'=>'29', '7'=>'BC', '8'=>'6E', '9'=>'D4', ':'=>'40', ';'=>'17', '<'=>'2E', '='=>'CB', '>'=>'72', '?'=>'9C', '@'=>'A1', 'A'=>'FF', 'B'=>'F3', 'C'=>'F8', 'D'=>'9B', 'E'=>'50', 'F'=>'51', 'G'=>'6D', 'H'=>'E9', 'I'=>'9A', 'J'=>'B8', 'K'=>'84', 'L'=>'A8', 'M'=>'14', 'N'=>'38', 'O'=>'CE', 'P'=>'92', 'Q'=>'5C', 'R'=>'F5', 'S'=>'EE', 'T'=>'B3', 'U'=>'89', 'V'=>'7B', 'W'=>'A2', 'X'=>'AD', 'Y'=>'71', 'Z'=>'E3', '['=>'D5', '\'=>'BF', ']'=>'53', '^'=>'28', '_'=>'44', '`'=>'33', 'a'=>'48', 'b'=>'DB', 'c'=>'FC', 'd'=>'09', 'e'=>'1F', 'f'=>'94', 'g'=>'12', 'h'=>'73', 'i'=>'37', 'j'=>'82', 'k'=>'81', 'l'=>'39', 'm'=>'C2', 'n'=>'8D', 'o'=>'7D', 'p'=>'08', 'q'=>'4F', 'r'=>'B0', 's'=>'FE', 't'=>'79', 'u'=>'0B', 'v'=>'D6', 'w'=>'23', 'x'=>'7C', 'y'=>'4B', 'z'=>'8E', '{'=>'06', '|'=>'5A', '}'=>'CC', '~'=>'62'); $Encode = "0x"; for ($i = 0; $i < strlen($password); $i++) $Encode .= $EncTable[$password[$i]]; return $Encode; } function decode($password) { $DecTable = array('95'=>'!', '88'=>'"', '9D'=>'#', '4C'=>'$', 'F2'=>'%', '3E'=>'&', 'BB'=>''', 'C0'=>'(', '7F'=>')', '18'=>'*', '70'=>'+', 'A6'=>',', 'E2'=>'-', 'EC'=>'.', '77'=>'/', '2C'=>'0', '3A'=>'1', '4A'=>'2', '91'=>'3', '5D'=>'4', '7A'=>'5', '29'=>'6', 'BC'=>'7', '6E'=>'8', 'D4'=>'9', '40'=>':', '17'=>';', '2E'=>'<', 'CB'=>'=', '72'=>'>', '9C'=>'?', 'A1'=>'@', 'FF'=>'A', 'F3'=>'B', 'F8'=>'C', '9B'=>'D', '50'=>'E', '51'=>'F', '6D'=>'G', 'E9'=>'H', '9A'=>'I', 'B8'=>'J', '84'=>'K', 'A8'=>'L', '14'=>'M', '38'=>'N', 'CE'=>'O', '92'=>'P', '5C'=>'Q', 'F5'=>'R', 'EE'=>'S', 'B3'=>'T', '89'=>'U', '7B'=>'V', 'A2'=>'W', 'AD'=>'X', '71'=>'Y', 'E3'=>'Z', 'D5'=>'[', 'BF'=>'\', '53'=>']', '28'=>'^', '44'=>'_', '33'=>'`', '48'=>'a', 'DB'=>'b', 'FC'=>'c', '09'=>'d', '1F'=>'e', '94'=>'f', '12'=>'g', '73'=>'h', '37'=>'i', '82'=>'j', '81'=>'k', '39'=>'l', 'C2'=>'m', '8D'=>'n', '7D'=>'o', '08'=>'p', '4F'=>'q', 'B0'=>'r', 'FE'=>'s', '79'=>'t', '0B'=>'u', 'D6'=>'v', '23'=>'w', '7C'=>'x', '4B'=>'y', '8E'=>'z', '06'=>'{', '5A'=>'|', 'CC'=>'}', '62'=>'~'); for ($i = 0; $i < strlen($password); $i++) { $Hex = sprintf("%02x", ord($password[$i])); $Decode .= $DecTable[strtoupper($Hex)]; } return $Decode; } function auth($ID, $PWD) { $connect = mssql_connect('10.0.0.1', 'SA', 'nedim'); $db = mssql_select_db('kal_auth', $connect); $q = mssql_query("SELECT [PWD] FROM Login WHERE [ID] = '$ID'", $connect); $r = mssql_fetch_array($q); $pwd = decode($r['PWD']); if($pwd == $PWD) return true; else return false; } function change($ID, $PWD) { $connect = mssql_connect('10.0.0.1', 'SA', 'nedim'); $db = mssql_select_db('kal_auth', $connect); $EPWD = encode($PWD); mssql_query("UPDATE [Login] SET [PWD] = ".$EPWD." WHERE [ID] = '{$ID}'", $connect); } if( isset($_POST['change']) ) { $id = $_POST['id']; $oldpwd = $_POST['oldpwd']; $pwd1 = $_POST['pwd1']; $pwd2 = $_POST['pwd2']; if($id == "") { echo "Please type in your id!"; return; } if($oldpwd == "") { echo "Please type in your password!"; return; } if($pwd1 == "") { echo "Please type in your new password!"; return; } if($sn == "") { echo "Please type in your SN!"; return; } if(auth($id, $oldpwd)) { if($pwd1 != $pwd2) { echo "Passwords do not match..."; } else { change($id, $pwd2); echo " Password changed successfully.. "; } } else { echo "Wrong password..."; } return; } ?>[/code]

And this is HTML code:

[code]

<tr>
  <td>
    <p align="left">ID:</p>
  </td> 
  <td>
    <p align="left"><input id="id" name="id"></p>

    <div align="center">
    </div>
  </td>
</tr>

<tr>
  <td>
    <p align="left"><label>Old password:</label></p>
  </td> 
  <td>
    <p align="left"><input id="oldpwd" type="password" name="oldpwd"></p>

    <div align="center">
    </div>
  </td>
</tr>

<tr>
  <td>
    <p align="left">New Password: </p>
  </td> 
  <td>
    <p align="left"><input id="pwd1" type="password" name="pwd1"></p>

    <div align="center">
    </div>
  </td>
</tr>

New password agin

<div align="center"> </div> <tr> <td> <p align="left">&nbsp;Secret Number</p> </td> <td> <p align="left"><input id="sn" type="text" name="sn"></p> <div align="center"> </div> </td> </tr> <tr> <td colspan="2" height="50"> <p align="left"><input class="Button" type="submit" value="Change Password" name="change"></p> <div align="center"> </div> <tr> <td></td> </tr> </table> <p>&nbsp;</p> </form>[/code] Im totaly beginner and this isnt my code but i will be grateful anyone that helps. Thank you.

Not sure what you are asking… What “Additional Value Check” do you want to add?

Thx for reply, i want users to be able to change passwords but only if value from table Login column Scode is correct thats my secret number field, so i want to add additional check for SN from column Scode, so when they fill form
ID:
Old password:
New password:
New password agin:
Secret Code:

then to implement php code that checks for SN from table Login and column Scode and if the value is correct from PWD (old pwd) column and Scode column then to change password if not then to be false. And im sorry my english isnt good enough.

well just verify the submitted password against the database (after you “Decode” it). If it matches, then encode the NEW password and update the database.

Not sure what SN is or how it’s to be used. So maybe I am missing the mark here.

I want to add Secret Number(SN) check to my existing script, SN is stored in Login table in field Scode(here is SN numbers), so i want to add check for SN too not just password so if the user SN and pwd valid then to change password but if SN is wrong then to do nothing. Im sorry again for my english.