Search the Community

Hi guys I am having all sorts of problems with my script. I want the script to check current password before allowing member to change their password to a new one. My script is failing to check their old password and also to match their new password with confirm new password. I am still new in php and I am using mysqli please help. I will be adding security later on. <?php include_once("Mydbtable.php"); if(isset($_POST['submit'])) { $Old_pwd=$_POST['Oldpass']; $New_pwd=$_POST['pass1']; $confirm_pwd=$_POST['pass2']; $data_pwd=$fetch['Oldpass']; $email=$fetch['email']; $sql = "SELECT * FROM MembersTable WHERE email = '$email' AND password = '$Old_pwd' "; $result = mysqli_query($Mydbtable, $sql); if($New_pwd==confirm_pwd && $data_pwd==$Oldpass){ $sql = "UPDATE MembersTable SET password = '$New_pwd' WHERE email = '$email' "; $result = mysqli_query($Mydbtable, $sql); $msg="password changed"; } else { if($pass1 == "" || $pass2 == ""){ $msg= "Passwords do not match. Please GO BACK and try again."; exit(); } } ?> <form method="post" name="change"> <?php echo $msg; ?> <p>old password<br /> <input type="password" name="Oldpass" id="Oldpass" /></p> <p>New password<br /> <input type="password" name="pass1" id="pass1" /> </p> <p>Confirm password<br /> <input type="password" name="pass2" id="pass2" /> </p> <p> <input name="submit" type="submit" value="Save Password" /> </p> </form>