Hello im juner, a new php developer, i already finished with a register.php, login.php file. My problem is when the main.php is accessable after login by correct username and password stored in mysql database, the main.php composed of the following link:
changepassword.php
addsponsor.php
deletesponsor.php

when i click the changepassword.php link then the changepassword.php is not protected with the inputted username and password in login.php.

what i am asking now is, is there anybody has the idea with this problem? im about a month of searching in the internet but i never found a solution so help me.

are you asking about how to send user name and password to server with security ?

If you want changepassword to be able to check and/or change the password then you will need to make the current id and password available or at least set a flag to show that the user is properly logged in. You will want to save this as a SESSION variable so you can access it in any module that needs it.

Yes what i want is to send the username and password to the changepassword.php without another login because that case i already logged in main.php which composed of the changepassword.php link. when i click the changepassword link the username and password will be send also for the security of the changepassword.php link.

i am hoping for your help. thank for the reply.

during changing password you dont have to send user name and password to client, instead just ask current password and new password to the user, take those password to server and validate the current password, if current password is matching, reset the new password.