I have the below codes working for only the first user. The challenge here is; only the first user can change password, new users can't.

Error Messaage "Old password is wrong"

I am hoping that someone can assist me in correcting what I have already done to make it work.

<?php   
error_reporting(E_ERROR | E_PARSE);
session_start();
$ac = $_SESSION['account_number'];

$link=mysqli_connect('localhost','root','');
  if(!$link)
    {
      die('Connection failed: '.mysql_error());
    }
     mysqli_select_db($link,'login_portal');
  $row=mysqli_query($link, "select user_name from Login where account_number = '$ac' ");
  $row1=mysqli_fetch_array($row);
  ?>
<!DOCTYPE html>
<html>
<head>
<title>Change Password</title>
<link href="styles.css" rel="stylesheet" type="text/css">
</head>
<body>
  <table align="center" cellpadding="0" cellspacing="1" class="graybox">
      <tbody>

<td width="800" valign="top" class="contentArea">
    <table width="100%" border="0" cellspacing="0" cellpadding="20">
        <tbody><tr>
          <td>
<p>&nbsp;</p>
  <form action="chang_pass_script.php" method="post">
    <table border="0" cellpadding="5" cellspacing="1" class="entryTable">
      <tbody>
        <tr>
        <td width="160" height="30" class="label"><font size="2">User Name</font></td>
        <td height="30" class="content">    
      <input type="text" size="40" name="username" value="<? echo $row1['user_name'];?>">
    </td>
      </tr>
      <tr>
        <td width="160" height="30" class="label"><font size="2">Number
          <input type="text" size="40" name="account" value="<? echo $ac;?>" readonly ></td>
      </tr>
      <tr>
        <td width="160" height="30" class="label"><font size="2">Current Password</font></td>
        <td height="30" class="content">
    <span> 
              <input name="oldPass" type="password"  size="30" required><br>
    </span>
    </td>
      </tr>
      <tr>
        <td width="160" height="30" class="label"><font size="2">New Password</font></td>
        <td height="30" class="content">
    <span> 
              <input name="nPass" type="password"  size="30" required><br>
    </span>
    </td>
      </tr>

    <tr>
        <td width="160" height="30" class="label"><font size="2">Confirm New Password</font></td>
        <td height="30" class="content">
    <span> 
              <input name="cPass" type="password" size="30" required><br>
      </span>
    </td>
      </tr>
      <tr>
        <td height="30">&nbsp;</td>
        <td height="30"><input type="Submit" name="Submit" value="CHANGE PASSWORD"></td>
      </tr>
    </tbody></table>
  </form>
  </td>
        </tr>
        </tbody></table>
  </td>
  </tr>
  <tr>
    </tr>
</tbody></table>
  </body>
</html>
<?php
  //session_destroy();
?> 

Chang_pass_script.php

<?php
$link=mysqli_connect('localhost','root','');
  if(!$link)
    {
      die('Connection failed: '.mysql_error());
    }
     mysqli_select_db($link,'login_portal');

 if(isset($_POST['Submit']))
    {
    $ac = $_POST['account'];

    $old_pass=$_POST['oldPass'];

    $new_pass=$_POST['nPass'];

    $re_pass=$_POST['cPass'];

    $chg_pwd=mysqli_query($link, "select account_number,password from Login");

    $chg_pwd1=mysqli_fetch_array($chg_pwd);

    $data_pwd=$chg_pwd1['password'];

    $data_ac = $chg_pwd1['account_number'];

    if($data_pwd==$old_pass){

    if($new_pass==$re_pass){

      $update_pwd=mysqli_query($link, "update Login set password='$new_pass' where account_number='$data_ac'");

      echo "<script>alert('Update Sucessfully'); window.location='dashboard.php'</script>";
    }
    else{
      echo "<script>alert('Your new and Retype Password is not match'); window.location='chang_pass.php'</script>";
    }
    }
    else
    {
    echo "<script>alert('Your old password is wrong'); window.location='chang_pass.php'</script>";
    }}
?>

I don't see whre you're selecting the old password for the user, other than this:
$chg_pwd=mysqli_query($link, "select account_number,password from Login");

And that doesn't get the details for the particular user which makes me think you're just retrieving the first user each time.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.