Afternoon.
I am trying to create a password reset page using php. Upon clicking the reset button I get my password reset successful message but no changes have been made to my database.
Any help would be appreciated.
<?php
session_start();
$_SESSION['message'] = '';
$mysqli = new mysqli("localhost", "User", "password", "DarrenOBrien");
if ($_SESSION['loggedin']) {
if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
$email=$_SESSION('email');
$result = $mysqli->query("SELECT * FROM accounts WHERE userEmail='$email'") or die($mysqli->error);
$user = $result->fetch_assoc();
if (password_verify($_POST['oldpassword'], $user['userPassword'])) {
if (($_POST['newpassword'] == $_POST['confirmnewpassword'])) {
$newpass=password_hash($_POST['confirmnewpassword'], PASSWORD_BCRYPT);
$sql = "UPDATE accounts SET userPassword='$newpass' WHERE userEmail='$email'";
$_SESSION['message'] = 'Password reset successful';
}
else {
$_SESSION['message'] = 'Passwords do not match. Please try again.';
}
}
else {
$_SESSION['message'] = 'Old password does not match password in records. Please try again.';
}
}
}
else {
header('location: register.php');
}
?>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Login</title>
<link rel="stylesheet" href="css/bootstrap.min.css">
<link rel="stylesheet" href="css/styles.css">
</head>
<body>
<!--Navbar-->
<nav class="navbar navbar-inverse">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="welcome.php">PHP Project </a>
</div>
<div id="navbar" class="collapse navbar-collapse">
<ul class="nav navbar-nav">
<li><a href="welcome.php">Home</a></li>
<li class="active"><a href="profile.php">Profile</a></li>
<li><a href="products.php">Products</a></li>
</ul>
<a href="logout.php" class="navbar-brand pull-right">Logout</a>
</div>
</div>
</nav>
<!--End of Navbar-->
<div class="container-fluid" id="profile">
<form action="reset.php" method="post" enctype="multipart/form-data" autocomplete="off">
<div class="alert-error"><?= $_SESSION['message'] ?></div>
<div class="form-group">
<label for="oldpass">Old Password:</label>
<input type="password" class="form-control" id="oldpass" placeholder="Password" name="oldpassword" autocomplete="new-password" minlength="4" required />
</div>
<div class="form-group">
<label for="newpass">New Password:</label>
<input type="password" class="form-control" id="newpass" placeholder="Password" name="newpassword" autocomplete="new-password" minlength="4" required />
</div>
<div class="form-group">
<label for="confirmnewpass">Confirm New Password:</label>
<input type="password" class="form-control" id="confirmnewpass" placeholder="Password" name="confirmnewpassword" autocomplete="new-password" minlength="4" required />
</div>
<input type="submit" value="Reset Password" name="reset" class="btn btn-block btn-primary" id="resetbtn"/>
</form>
</div>
<!-- Required bootstrap scripts -->
<script src="js/jquery-3.2.1.min.js"></script>
<script src="js/bootstrap.min.js"></script>
<!-- End of required bootstrap scripts -->
</body>