Why do I not get my password put out on the page with this code?
I am trying to make a settings page so that I could change my password.
I don't get any errors; it just does nothing.
<html>
<head>
<title>Settings</title>
<link rel="stylesheet" href="/static/bootstrap.css">
<link rel="stylesheet" href="/static/firstindex.css">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link href="favicon.png" rel="icon"/>
</head>
<?php
session_start(); //starts the session
$user = $_SESSION['user'];
$result = mysql_query("SELECT password FROM users WHERE user_id='$user'");
if(isset($_SESSION['user']) && $_SESSION['user']){
echo"
<body>
<h1>Edit Profile</h1>
<p>Hello $user</p>
<p>Password $result</p>
<form action='settings.php' method='post' class='form1'>
<input class='form-control' placeholder='Old Password' type='password' name='password' required='required' /> <br/>
<input class='form-control' placeholder='New Password' type='password' name='newpassword' /> <br/>
<input class='form-control' placeholder='New Password' type='password' name='confirmnewpassword' /> <br/>
<input type='hidden' name='night' value='0'/>
<p><input type='checkbox' name='night' value='1'/> Turn on night theme for account</p>
<input type='submit' class='btn btn-info' value='Change Settings'/>
</form>
";
}
else {
Print '<script>window.location.assign("login.php");</script>';
}
?>
<?php
if($_SERVER["REQUEST_METHOD"] == "POST"){
$password = mysql_real_escape_string($_POST['password']);
$newPassword = mysql_real_escape_string($_POST['newpassword']);
$confirmNewPassword = mysql_real_escape_string($_POST['confirmnewpassword']);
$nightTheme =(int)mysql_real_escape_string($_POST['night']);
mysql_connect("localhost", "root","") or die(mysql_error()); //Connect to server
mysql_select_db("mvstudio") or die("Cannot connect to database"); //Connect to database
$result = mysql_query("SELECT password FROM users WHERE user_id='$user'");
$bool = true;
echo "$result";
}
?>
</body>
</html>