$msg = ""; \My PHP code that will execute in before proceeding the change

1. $msg = "";
2.  
3. \My PHP code that will execute in before proceeding the change password site
4.  
5.  
6. if(isset($_POST['submitBtnLogin'])) {
7. $answer = trim($_POST['ans']);
8. $username = ($_SESSION['username']);
9. if($answer != "") {
10. try {
11. $query = "select * from `tbl_user` where username = :username and
12. `answer`=:answer";
13. $stmt = $db->prepare($query);
14. $stmt->bindParam('answer', $answer, PDO::PARAM_STR);
15. $stmt->bindParam('username', $username, PDO::PARAM_STR);
16. $stmt->execute();
17. $count = $stmt->rowCount();
18. $row = $stmt->fetch(PDO::FETCH_ASSOC);
19. if($count == 1 && !empty($row)) {
20. $_SESSION['fid'] = $row['id'];
21. header('location:changepass.php');
22. } else {
23. echo "<script>alert('Incorrect Answer');</script>";
24.  
25. }
26. } catch (PDOException $e) {
27. echo "Error : ".$e->getMessage();
28. }
29. } else {
30. $msg = "Both fields are required!";
31. }