}
if (isset($_POST['new_password']) && isset($_POST['password_confirm'])) {
// check if the password and confirmation match, if not display message uponn post operation
if ($valid and $_POST["password_confirm"] != $_POST["new_password"]) {
$err["password_confirm"] = "Passwords must match";
$valid = false;
}
}
$form->load_by_pk($_SESSION['usr_id']);
//load the data from the table by using the user type
$panel_head = false;
if ($valid && isset($_POST['new_password']) && isset($_POST['password_confirm']) && isset($_POST['old_password'])) {
//if old and new password are set, check if the old
$pass = new PasswordField();
//password matches the one that's currently in the database, if so check if the newpassowrd and the confirmation match. if they do, save it to the database
$pass->new_password($_POST['old_password']);
if ($pass->value == $form->fields['password']->value) {
if ($_POST['new_password'] == $_POST['password_confirm']) {
$form->fields['password']->new_password($_POST['new_password']);
if ($form->save()) {
$panel_head = true;
} else {
echo "Password not changed.";
}
}
} else {
$err['password_confirm'] = "Either old password is incorrect or new passwords do not match.";
}
}
//load the html templates for the look of the change_password page
$logout = "logout_button.php";
