I am working on a simple script that allows users to create an account and change password in a database. The only problem I'm having is creating a script that allows the user to change their password. It doesn't update in my DB. I am getting successfully message but it doesn't update in DB. Please help me any suggestions will be much appreciated Please let me know if any more details required?
<form method="POST">
old:<input type="text" name="old_pass">
new:<input type="text" name="">
conf:<input type="text" name="">
<input type="submit" name="submit" value="save">
</form>
<?php
$conn_db = mysqli_connect("localhost","root","","oz");
if(!$conn_db)
{
echo "not connect";
}
echo "connect".mysqli_error($conn_db);
SESSION_START();
if($_SERVER['REQUEST_METHOD']=="POST")
{
if(isset($_POST['submit']))
{
$old_pass=$_POST['old_pass'];
$new_pass=$_POST['new_pass'];
$re_pass=$_POST['re_pass'];
$chg_pwd=mysqli_query($conn_db,"SELECT * FROM admin WHERE email='$email'");
$chg_pwd1=mysqli_fetch_array($chg_pwd);
$data_pwd=$chg_pwd1['pass'];
if($data_pwd==$old_pass){
if($new_pass==$re_pass){
$update_pwd=mysqli_query($conn_db,"UPDATE admin SET pass='$new_pass' where email='$email'");
echo "<script>alert('Update Sucessfully'); window.location='index.php'</script>";
}
else{
echo "<script>alert(`Your new and Retype Password is not match`); window.location='index.php'</script>";
}
}
else
{
echo "<script>alert(`Your old password is wrong`); window.location='change.php'</script>";
}}
}
?>