1) You can hand code it:
<?php
if ($_SESSION['UserGroupID'] != $row_WADAlogins['UserID']) {
header("location: accessDenied.php");
die();
}
?>
2) You should be able to pass a url parameter or set a session variable when the password is changed and check for it in an IF statement to show a message.