Change Password Using PHP Mysqli

<?php
                                                       
if(isset($_POST['btn_update']))
{
   
     $query = 'select * from admin_login where  password="'.$_POST['pass'].'"and email ="'.$_SESSION['email'].'" ';

//include('conclass.php');
//$con=new conclass();
//$res=$con->exec_query($query);
//echo $query;
$res=mysqli_query($con,$query);

if(mysqli_num_rows($res)>0)
{
if (false === $res) {
    echo mysql_error();}
if(strlen($_POST['pass1']) >= 5 )
    {
        if($_POST['pass1']==$_POST['pass2'])
        {
        $query1='update admin_login set password="'.$_POST['pass1'].'" where email ="'.$_SESSION['email'].'" ';   
$res=mysqli_query($con,$query1);

          echo '<script type="text/javascript">';
          echo 'alert("Password changed Successfully !!!! ");';
          echo 'window.location.href = "home.php";';
          echo '</script>';
        }
        else
        {
        echo '<script type="text/javascript">';
        echo 'alert(" password is not matched...  try again !!!! ");';
        echo 'window.location.href = "change_password.php";';
        echo '</script>';
        }
    }
else
{
    echo '<script type="text/javascript">';
    echo 'alert(" password is greater than 6");';
    echo 'window.location.href = "change_password.php";';
    echo '</script>';
}
}
else
{
    echo '<script type="text/javascript">';
    echo 'alert("Old password is not matched...  try again");';
    // $query1;
    //echo 'window.location.href = "change_password.php";';
    echo '</script>';
           

}
           }
?>

Previous
Next Post »