Hi guys
I am having all sorts of problems with my script. I want the script to check current password before allowing member to change their password to a new one. My script is failing to check their old password and also to match their new password with confirm new password. I am still new in php and I am using mysqli please help. I will be adding security later on.
<?php
include_once("Mydbtable.php");
if(isset($_POST['submit'])) {
$Old_pwd=$_POST['Oldpass'];
$New_pwd=$_POST['pass1'];
$confirm_pwd=$_POST['pass2'];
$data_pwd=$fetch['Oldpass'];
$email=$fetch['email'];
$sql = "SELECT * FROM MembersTable WHERE email = '$email' AND password = '$Old_pwd' ";
$result = mysqli_query($Mydbtable, $sql);
if($New_pwd==confirm_pwd && $data_pwd==$Oldpass){
$sql = "UPDATE MembersTable SET password = '$New_pwd' WHERE email = '$email' ";
$result = mysqli_query($Mydbtable, $sql);
$msg="password changed";
}
else {
if($pass1 == "" || $pass2 == ""){
$msg= "Passwords do not match. Please GO BACK and try again.";
exit();
}
}
?>
<form method="post" name="change">
<?php echo $msg; ?>
<p>old password<br />
<input type="password" name="Oldpass" id="Oldpass" /></p>
<p>New password<br />
<input type="password" name="pass1" id="pass1" />
</p>
<p>Confirm password<br />
<input type="password" name="pass2" id="pass2" />
</p>
<p>
<input name="submit" type="submit" value="Save Password" />
</p>
</form>