I created a change password script and it seems to not want to work.

when I put in the wrong password it doesnt error out and say Old Password doesn't match exisiting.

when I put in 2 passwords that dont match it doesnt error out...

if(isset($_POST['changepass'])){
    //Getting Variables

    $oldpass = $_POST['oldpass'];
    $newpass = $_POST['newpass'];
    $conpass = $_POST['conpass'];
    $oldpass1 = sha1($oldpass);
    $pass = sha1($newpass);
    //check exisiting password matches
    if(!$oldpass){
        $passmsg = "Please Enter Password";
    }else{
    $query = "SELECT * FROM admin WHERE id='$id'";
    $result=mysql_query($query);
    $row=mysql_fetch_array($result);
    if($oldpass1 = $row['passcode']){
        //Check new password and confirm passwords match
        if ($newpass == $conpass) {
                //Update the database
                $sql = mysql_query("UPDATE admin SET passcode='$pass' WHERE id = '$id'")or die (mysql_error());
                $to = "$email";
                $additionalheaders = 'MIME-Version: 1.0' . "\r\n";
                $additionalheaders .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
                $additionalheaders .= "From: Patrick's Computer Repair Inc.\r\n";
                $additionalheaders .= "Reply-To: noprely@patrickspcrepair.com";
                $subject = "Your password has been changed";
                $body = "<html><body>"."\n";
                $body .= "Hi $login_session, <br /><br /> You or someone else has recently changed your password. <br />If you did not request this change, please contact us immedately at support@patrickspcrepair.com <br /><br />Your username is $user <br /><br />Regards, <br /><br /><img style=\"border:none; text-decoration:none;\" src=\"http://patrickspcrepair.com/portal/images/logo.gif\" alt=\"Patrick\'s Computer Repair Inc.\" /> ";
                $body .= "</html></body>"."\n";
                mail($to, $subject, $body, $additionalheaders);
                $passmsg = 'Your password has been changed.  Please logout and back in.';
                    }else{
                $passmsg = 'Passwords do not match';
                    }
    }else{
        $passmsg = "Old password is incorrect";
    }
    }
}

Try changing line 16 to use == in the comparison and see if that makes a difference.

DAMMIT, lol that is so obvious. I cannot beleive that i missed that. I did it below but forgot that one.

and it did work. THanks again.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.