I have the follow code for a page where people can change there password:
<?php
include "user.php";
include "../admin/head.php";
include "../inc.php";
if (empty($page)) $page = "";
if ($page == "update")
{
if ($oldpassword <> $i[password])
{
echo "uw huidig paswoord is niet correct";
echo $oldpassword ;
echo $i[password] ;
}
else
{
if ($newpassword1 <> $newpassword2)
{
echo "passwords do not match. please re-enter passwords!";
}
else
{
mysql_query("UPDATE phpmeet SET password='$newpassword1' WHERE user = '$username'");
echo "Done updating";
}
}
}
else
{
$result = mysql_query("SELECT * FROM phpmeet WHERE user = '$username'");
while ($i = mysql_fetch_array($result))
{
?>
<html><body>
<form action=pass.php?username=<?php echo $username; ?>&page=update method=post enctype="post">
Old password: <input type=password name=oldpassword><br><br>
New password:<input type=password name=newpassword1><br>
Repeat new pasword:<input type=password name=newpassword2><br>
<input type=hidden value=$user>
<input type=submit value=submit></form></body></html>
<?php
}
}
?>
This works when I don't test: if ($oldpassword <> $i[password])
I think that the probleme is that I don't get the information out of my database. The name of the table and the row is correct.
