I have some issues with the following PHP code:
require '../core/connection.php';
require '../includes/functions.php';
if (isset($_SESSION['user_id'])) {
if (isset($_POST['current_user_password'])) {
$current_user_password = md5($_POST['current_user_password']);
if ($current_user_password != $_SESSION['user_password']) {
header('Location:../edit_credentials.php?edit=password&error=current_password');
} else {
$new_password = $_POST['new_user_password'];
$new_password2 = $_POST['new_user_password2'];
if ($new_password == '' || ($new_password2 == '') {
header('Location:../edit_credentials.php?edit=password&error=new_password_empty');
}
if ($new_password != $new_password2) {
header('Location:../edit_credentials.php?edit=password&error=new_password_not_equal');
} else {
$new_password = md5($new_password);
edit_user_password($user_id,$new_password);
}
}
} else {
echo 'current_user_password not set';
}
} else {
echo 'Session not set';
}
Here is the function as well:
function edit_user_password($user_id,$user_password){
global $db;
$user_password_data = $db->query('
UPDATE `users`
SET `user_password` = "'.$user_password.'" WHERE `user_id` = "'.$user_id.'";');
$_SESSION['user_password'] = $user_password;
$db->query($user_password_data);
header("Location:../edit_credentials.php?saved=password");
}
Everything works besides this part:
if ($new_password == '' || ($new_password2 == '') {
header('Location:../edit_credentials.php?edit=password&error=new_password_empty');
}
When it comes to this part, where the passwords are empty, if i switch out the redirection with a die('test'), it works, but it wont work with the redirect. Any chance you guys know why this is not working?
Thanks in advance for all help.