Update Password Code Not Working

[dual_alliance]

Hello,

l have this code, but when l click submit nothing happens and l can't understand why l have checked to see if their is anything wrong and l can't put my finger on the problem.

[code=php:0]
#################
## Edit Password ##
#################

if($_GET['change'] == 'pass'){
// Have they submitted it to be changed?
if(isset($_POST['epas'])){
$oldPass = MD5($_POST['editopass']);
$newPass = MD5($_POST['editnpass']);
$cNewPass = MD5($_POST['editcnpass']);
// Has the user entered the correct old password?
$sql11 = "SELECT `m.id`,`m.password` FROM `users` WHERE `m.id` ='$mid' AND `m.password` ='$oldPass' ";
$result11 = mysql_query($sql11) or die("Problem with the query: $sql11 <br>" . mysql_error());
$users11 = mysql_num_rows($result11);
if($users11 == 1){
if( (!$newPass) || (!$cNewPass)  ) {
echo '<p class="description">You did not submit the following required information!</p>';
if(!$newPass){
echo '<p class="description">New Password is a required field!</p>';
}
if(!$cNewPass){
echo '<p class="description">Confirm New password is a required field.</p>';
}
exit();
}
// Do the 2 new passwords match?
if("$newPass" !== "$cNewPass"){
echo '<p class="description">New passwords do not match, please re-enter your new password</p';
exit();
}
// The user has entered the right password

// So update the pasword
$sql13 = "UPDATE `users` SET `m.password` = '$cNewPass' WHERE `m.id` = '$mid' ";
$result13 = mysql_query($sql13) or die(mysql_error());
if($result13){
?>
<p class="description">Password updated succesfully!<br />
<a href="profile.php">Back</a>
</p>
<?php
}
}
}
// Create the form
?>
<p class="description">
<form action="<?php echo $PHP_SELF; ?>" method="post">
<label>Old Password: </label><input type="password" name="editopass" /><br />
<label>New Password: </label><input type="password" name="editnpass" /><br />
<label>Confirm New Password: </label><input type="password" name="editcnpass" /><br />
<br />
<input type="submit" name="epas" value="Change" /><br /><br />
</form>
</p>
<?php
}[/code]

Thanks,

dual_alliance

[obsidian]

well, your form is using the "post" action, but you're checking the $_GET global to see if the form has been submitted. change your code to check the $_POST array and see what you get.

[dual_alliance]

Well not really because higher above the code l have
[code=php:0]
if($_GET['act'] == edit){[/code]

And the link to change the password looks like: [code]
<a href="profile.php?act=edit&change=pass">Edit Password</a><br />[/code]

I have used the same structure for editing signatures, avatars etc and they all work fine its just this code ???

[obsidian]

are your column names actually prefixed with "m."? you reference all your columns with that, but you're selecting from table 'users' in your query.

[dual_alliance]

Yes they are, my table is called "users" while the colums in my datebase are named "m.id, m.username, m.password, m.signature" etc...

[dual_alliance]

anyone...? :-\

[alpine]

where do you get the $mid from then ???

[color=blue]WHERE `m.id` ='$mid'[/color]

You have no message shouting if $users11 found is other than "1"