Your IP : 216.73.216.26
<?php error_reporting(E_ALL);
session_start();
include('../connection.php');
include '../function_lib.php';
$uid = $_SESSION['adminid'];
//echo var_dump($_POST);
$password = tres($_POST['password']);
$new_password = tres($_POST['new_password']);
$result = mysqli_query($connection, "SELECT user_id FROM admin WHERE user_id='".$uid."' AND password='".$password."'");
if(mysqli_num_rows($result)==0){
setMessage('Your old password incorrect.', 'alert-error');
// redirect('./change_password.php');
}
else{
//update user
mysqli_query($connection, "UPDATE admin SET password='".$new_password."' WHERE user_id='".$uid."'");
setMessage('Your password change successfully.', 'alert-success');
// redirect('./change_password.php');
}
?>