I store user passwords as plain text in the database, so it's easy to change the password. I use this code:

    while($row = mysql_fetch_array($result)) {
        if($row['Password']==$opass)
            mysql_query(
                "UPDATE information SET Password='$pass' WHERE Username='$name'"
            );
    }
First I check that the user entered his old password correctly ($opass), then I let him change it to the new password ($pass). I can check the old password because I stored it as plain text. But if I use any hash algorithm, how could this if($row['Password']==$opass) code work? I think $opass and $row['Password'] won't be the same.
Just hash the user-inputted password with the equivalent hashing function, and compare that to what you have stored in your database.

    while($row = mysql_fetch_array($result)) {
        // Compare hash to hash: the stored value is a hash, so hash the old password the same way.
        if($row['Password']==yourOneWayPasswordHashingFunction($opass))
            // Store a hash of the new password too, never the plain text.
            mysql_query("UPDATE information SET Password='".yourOneWayPasswordHashingFunction($pass)."' WHERE Username='$name'");
    }
As I mentioned in the comments, use bcrypt. Passwords can be hard, so use this, and then go shopping, in time for xmas too :)
Also...
I store user passwords as a plain text in the database. So it's easy to change the password.
Emphasis mine.
You should never store plain text passwords, and "it's easy to change" is not a valid reason. Kudos, however, for recognising the need to do something about it.
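The verify-then-rehash flow the answer describes, written out as an added example (not the asker's or the answerer's code) using PHP's built-in bcrypt support via password_hash/password_verify and prepared statements in place of string interpolation. It assumes the question's table and column names (information, Username, Password) and uses an in-memory SQLite database so it runs stand-alone; changePassword and its sample data are constructed here.

```php
<?php
// Added example: change a password only when the old one verifies against the
// stored bcrypt hash, then store a fresh bcrypt hash of the new password.
function changePassword(PDO $db, string $name, string $opass, string $pass): bool
{
    // Parameterised query: the username is bound, never spliced into SQL.
    $stmt = $db->prepare('SELECT Password FROM information WHERE Username = :u');
    $stmt->execute([':u' => $name]);
    $hash = $stmt->fetchColumn();

    // Unknown user or wrong old password: refuse the change. password_verify
    // is the hash-aware replacement for the plain == comparison in the question.
    if ($hash === false || !password_verify($opass, $hash)) {
        return false;
    }

    // Hash the new password as well; the stored value must never be plain text.
    // bcrypt generates its own random salt, so no extra salt handling is needed.
    $newHash = password_hash($pass, PASSWORD_BCRYPT, ['cost' => 12]);
    $upd = $db->prepare('UPDATE information SET Password = :p WHERE Username = :u');
    $upd->execute([':p' => $newHash, ':u' => $name]);
    return true;
}

// Constructed sample data (hypothetical user), seeded with a bcrypt hash.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE information (Username TEXT PRIMARY KEY, Password TEXT NOT NULL)');
$seed = $db->prepare('INSERT INTO information (Username, Password) VALUES (:u, :p)');
$seed->execute([':u' => 'alice', ':p' => password_hash('old-secret', PASSWORD_BCRYPT)]);

// Wrong old password is rejected; the correct one is accepted.
var_dump(changePassword($db, 'alice', 'wrong-guess', 'new-secret'));
var_dump(changePassword($db, 'alice', 'old-secret', 'new-secret'));
// After the change the old password no longer verifies, the new one does.
var_dump(changePassword($db, 'alice', 'old-secret', 'anything'));
var_dump(changePassword($db, 'alice', 'new-secret', 'final-secret'));
```

The stored column must be wide enough for a bcrypt string (60 characters); a VARCHAR sized for plain passwords will silently truncate it.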