Hello, I'm creating a change password script and my problem is the lenght of the password (strlen). For example if the user add 1 character as his password i will be correct and then his password will be changed. I want to be the lenght of the password longer than 6 characters, here is my script:
<?php
session_start();
$username = @$_SESSION['username'];
$form = "<form action='changepass.php' method='POST'>
Current password: <input type='text' name='c_password'><br />
New password: <input type='password' name='n_password'><br />
Re-enter new password: <input type='password' name='rn_password'><br />
<input type='submit' name='submit' value='Change password'><br />
</form>";
if($_SESSION['username']){
if(isset($_POST['submit'])){
$connect = mysql_connect("localhost", "**********", "**********");
mysql_select_db("**********");
$query = mysql_query("SELECT password FROM users2 WHERE username='".$username."'");
$row = mysql_fetch_assoc($query);
$c_password = sha1(@$_POST['c_password']);
$n_password = sha1(@$_POST['n_password']);
$rn_password = sha1(@$_POST['rn_password']);
$c_password_db = $row['password'];
if(isset($_POST['c_password']) && !empty($_POST['c_password'])&&isset($_POST['n_password']) && !empty($_POST['n_password'])&&isset($_POST['rn_password']) && !empty($_POST['rn_password'])){
if($c_password==$c_password_db){
if($n_password==$rn_password){
if(strlen($n_password) < 6 || strlen($rn_password) < 6){
die("The lengh of the new password must be longer than 6!");
}else{
$querychange = mysql_query("UPDATE users2 SET password='".$n_password."' WHERE username='".$username."'");
session_destroy();
die("Your password has been changed. <a href='member.php'>Return</a>");
}
}else{
die("Your new password do not match!").mysql_error();
}
}else{
echo "Your current password do not match!";
}
}else{
die("Please fill in all the fields!");
}
}else{
echo $form;
}
}else{
die("You must be logged in to change your password!");
}
?>
Any help will be appriciated 
Thanks