I have the following code
if (isset($_POST['change'])) {
$current = mysqli_real_escape_string($con, $_POST['current']);
$password = mysqli_real_escape_string($con, $_POST['password']);
$cpassword = mysqli_real_escape_string($con, $_POST['cpassword']);
if(strlen($password) < 6) {
$error = true;
$password_error = "Password must be minimum of 6 characters";
}
if($password != $cpassword) {
$error = true;
$cpassword_error = "Password and Confirm Password doesn't match";
}
if(mysqli_fetch_field(mysqli_query($con, "SELECT password FROM users WHERE id = '" . $_SESSION['usr_id'] . "' LIMIT 1")) != md5($current)) {
$error = true;
$confirm_error = "Your actual password is not correct";
}
}
The problem is here:
mysqli_fetch_field(mysqli_query($con, "SELECT password FROM users WHERE id = '" . $_SESSION['usr_id'] . "' LIMIT 1"))
It gives me the error
PHP Catchable fatal error: Object of class stdClass could not be converted to string in /.../password.php on line 27
I have tried with
mysql_result(mysqli_query($con, "SELECT password FROM users WHERE id = '" . $_SESSION['usr_id'] . "' LIMIT 1"), 0)
but it not works, it gives me
PHP Fatal error: Uncaught Error: Call to undefined function mysql_result() in /.../password.php:27
I don't want to use mysqli_fetch_array()
and a while
loop. I have searched for a function or something similar and i have found something but nothing worked for me.