This is a my accounts page the user sees once they have logged in, it displays the user details from the database at the top.
i have added the function to change the password but it isnt working.
I'm trying to make it so that when the user clicks the submit button the new password replaces the old password in the database however the if statement isnt working
when i click the submit button it just refreshes the page because of my else
ob_start();
$query ="SELECT * FROM Customers WHERE Email='". $_SESSION['Email'] ."'";
$result = mysqli_query($connection,$query);
if ($row = mysqli_fetch_assoc($result)) {
$DFirstName = $row ['FirstName'];
$DLastName = $row ['LastName'];
$DEmail = $row['Email'];
$DPassword = $row ['Password'];
$DGender = $row ['Gender'];
$DAge = $row ['Age'];
echo'Welcome: ' .$DFirstName. ' ' .$DLastName. '<br/>';
echo'Email: ' .$DEmail. '<br/>';
echo'Gender: ' .$DGender. '<br/>';
echo'Age: ' .$DAge;
}else{
echo'error';
}
?>
<h1>Change your password</h1>
<form method="post">
Old Password <input type="password" name"password" value=''/></br>
New Password <input type="password" name"newpassword" value=''/></br>
<input type="submit" name"submit" value="submit"/>
</form>
<?php
if($_SERVER['REQUEST_METHOD'] == "POST") {
if ($_POST['password'] == $_SESSION['password']){
$newpassword = $_POST['newpassword'];
$username = $_SESSION['Email'];
$query = "UPDATE Customers
SET Password = '$newpassword'
WHERE Email = '$username'";
$result = mysqli_query($connection,$query);
//so that the user has to log back in once password has been changed
session_destroy();
header('location:login.php');
} else {echo 'error1';}
}else {echo 'error2';}
ob_flush();
?>
</div>
Aucun commentaire:
Enregistrer un commentaire