I have a php page which is logged in with a user account. Now i want to change my password here, also I'm getting two errors here.

"Notice: Undefined variable: password in C:\xampp\htdocs\fyp\cms\cms-settings.php on line 73

Warning: mysql_affected_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\fyp\cms\cms-settings.php on line 75"

Can someone find out whats the problem here? How to change the password instead? is the way of query is correct?

<?php session_start();
<?php include_once("../includes/connection.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<title>Example form</title>
<style type="text/css">
.container1 {
    width: 500px;
    clear: both;
.container1 input {
    width: 100%;
    clear: both;

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="style.css" />
<title>Change Password</title>

<div id="container">
    <div id="header">
        <h1 style="text-align:left">Quality Management<span class="off"> Cell</span></h1>


    <div id="menu">
            <li class="menuitem"><a href="cms.php">Home</a></li>
            <li class="menuitem"><a href="cms-attendance.php">Attendance</a></li>
            <li class="menuitem"><a href="cms-courses.php">Courses</a></li>
            <li class="menuitem"><a href="cms-settings.php">Settings</a></li>

        <a style="text-align:right" href="cms-logout.php">Logout</a>

    <div id="content" align="justify">
    <div id="content_top"></div>
    <div id="content_main">
<div id="wrapper">             

<form class="login-form" method ="post" action="">
      <label for="password">Old Password:</label>
      <input name="old_password"/><br /><br />

      <label for="password">New Password:</label>
      <input name="n_password"/><br /><br />

      <label for="password">Confirm new Password:</label>
      <input name="new_password"/><br />

        <br />
        <input class="button" name="submit" type="Submit" value="Done"/>

if(isset($_POST['old_password']) && isset($_POST['password']) && isset($_POST['new_password'])){
    $old_pass = $_POST['old_password'];
    $password = $_POST['n_password'];
    $new_pass = $_POST['new_password'];
if (isset($_SESSION['user_name'])){
$username = $_SESSION['user_name'];
$query_pass = "UPDATE users SET user_pass = '".$password."' WHERE user_name = '".$_SESSION['user_name']."'";
$result_set = mysql_query($query_pass) or die(mysql_error());
$pass_rows = mysql_affected_rows($result_set) or die (mysql_error());

$pass_set  = mysql_fetch_array($pass_rows);
while ($pass_set = mysql_fetch_array($result_set)){

if($old_pass != $password){
echo "Success"; 
else {
echo "Same Pass";   


    <div id="content_bottom"></div>


Edited by pritaeas: Closed. duplicate.

3 Years
Discussion Span
Last Post by pritaeas