NewPassword is not thesame with re-entered password.";
}else{
$password = mysqli_escape_string($conn, $_POST['password']);
$password2 = mysqli_escape_string($conn, $_POST['password2']);
//---------------------------------------------
$query = "SELECT * FROM user_register WHERE pw = '$password'";
$result = mysqli_query($conn, $query) or die(mysqli_error($conn));
if (mysqli_num_rows($result) == 0) {
$msg="Sorry Old Password not registered please enter correct existing password.";
}else{
//----------------------------------------------
$sql = "UPDATE user_register SET pw='$password2' WHERE pw= '$password'";
mysqli_query($conn, $sql) or die(mysqli_error($conn));
$msg="Password Successfully changed.";
}
}
}
?>