if ($verify_account_result[0] > 3) { //if verifyAccount result is greater than 3 and we don't want the user to enter a new password: echo $verify_account_result[1]; } } //if form is submitted and the input passwords are correct length and match each other: if (isset($_POST['form_sent']) && strlen($_POST['p']) > 7 && $_POST['p'] === $_POST['r']) { include_once "inc/class.users.inc.php"; $user = new SiteUser(); //$username_entry = $_POST['username']; $password_entry1 = $_POST['p']; $password_entry2 = $_POST['r']; $user_id = $_POST['form_sent']; //store user ID from hidden field in form as $user_id variable (hidden field value comes from URL) //store entered password in database: $updatePassword_result = $user->updatePassword($password_entry1, $password_entry2, $user_id); //$user->updateUsername($email, $username_entry); echo $updatePassword_result; echo "<h4><a href='login.php'>Click here to go to the home page</a></h4>"; exit; } //if the plain URL for this page is entered in with out the e variable: //we should probably direct the user back to the home page in this case if ((!isset($_GET['e']) or !isset($_GET['v'])) && !isset($_POST['form_sent'])) { //if the URL for this page did not include both the email and ver code values, we return the user to the home page: header("Location: home.php"); exit; } else { ?>