prepare("SELECT id, username, password, enabled FROM app_users WHERE BINARY username=? AND enabled=?"); $querypass->bind_param("si", $username, $enabled); $querypass->execute(); $fetchData = $querypass->get_result(); $passdatafromdb = $fetchData->fetch_row(); $fetchedpassfromdb = $passdatafromdb[2]; $changepassverify = password_verify($currentPassword, $fetchedpassfromdb); if ($changepassverify) { $newHashedPassword = password_hash($newPassword, PASSWORD_DEFAULT); $enabled = 1; $queryupdatepass = $mysqli->prepare("UPDATE app_users SET password=? WHERE BINARY username=? AND enabled=?"); $queryupdatepass->bind_param("ssi", $newHashedPassword, $username, $enabled); $queryupdatepass->execute(); if ($queryupdatepass) { $passchangemessage = "Your Roundpin user password has been updated successfully. From now on you will have to use your new password to log in to Roundpin."; } else { $passchangemessage = "An error occurred while attempting to save the new password!"; } } else { $passchangemessage = "The password you have entered in the 'Current Password' field doesn't match your current password!"; } echo json_encode($passchangemessage); } else { header("Location: roundpin-login.php"); } ?>