Nesting too deeply is generally a bad idea - it's spaghetti logic and difficult to follow. Since each of your verification steps depends on the previous stage having succeeded, don't nest at all - just bail out when a stage fails:
function change_password(blah blah blah) {
if (!$condition1) {
return false;
}
if (!$condition2) {
return false;
}
etc....
// got here, must have succeeded
return true;
}
That makes it explicitly clear what the logic sequence is.
