} if (isset($_POST['new_password']) && isset($_POST['password_confirm'])) { // check if the password and confirmation match, if not display message uponn post operation if ($valid and $_POST["password_confirm"] != $_POST["new_password"]) { $err["password_confirm"] = "Passwords must match"; $valid = false; } } $form->load_by_pk($_SESSION['usr_id']); //load the data from the table by using the user type $panel_head = false; if ($valid && isset($_POST['new_password']) && isset($_POST['password_confirm']) && isset($_POST['old_password'])) { //if old and new password are set, check if the old $pass = new PasswordField(); //password matches the one that's currently in the database, if so check if the newpassowrd and the confirmation match. if they do, save it to the database $pass->new_password($_POST['old_password']); if ($pass->value == $form->fields['password']->value) { if ($_POST['new_password'] == $_POST['password_confirm']) { $form->fields['password']->new_password($_POST['new_password']); if ($form->save()) { $panel_head = true; } else { echo "Password not changed."; } } } else { $err['password_confirm'] = "Either old password is incorrect or new passwords do not match."; } } //load the html templates for the look of the change_password page $logout = "logout_button.php";