$username = addslashes($_POST['username']); $password_old = addslashes($_PO

1. $username = addslashes($_POST['username']);
2. $password_old = addslashes($_POST['password_old']);
3. $password_new = $_POST['password_new'];
4. $firstname = addslashes($_POST['firstname']);
5. $lastname = addslashes($_POST['lastname']);
6. $mail = addslashes($_POST['email']);
7.  
8. if (!empty($password_new)){
9. if (empty($password_old)){
10. echo error('U dient ook het huidige wachtwoord op te geven.');
11. }
12. else{
13. if ($password_old == $get_r['user_pass']){
14. $update_pass = 'UPDATE admins SET user_pass="' . md5($password_new) . '" WHERE user_name="' . $username . '"';
15. mysql_query($update_pass) or die(mysql_error());
16.  
17. echo succes('Wachtwoord is aangepast.');
18. }
19. else{
20. echo error('Huidig wachtwoord klopt niet.');
21. }
22. }
23. }