Posted by mfrey on 07/13/05 13:34

hi there


> if ($oldpwd == $row{'password'}) { //if old passwords match
> if (mysql_query("UPDATE users SET password='".$newpwd1."' WHERE
> id='".userID."'")){ //set new password to hash of $newpwd1
> $resultN = mysql_query("SELECT * FROM users where

"UPDATE users SET password='".$newpwd1."' WHERE id='".userID."'"

missing '$' in front of userID (should be $userID )

when encountering things like this i always echo the sql statement just
befor the query is executed

cy matthias

[Back to original message]