passwd_hash != $passwd_hash) { error_page("Invalid password"); } } page_head("Change password"); $passwd_hash = md5($passwd.$user->email_addr); $query = "update user set passwd_hash='$passwd_hash' where id=$user->id"; $result = mysql_query($query); if ($result) { echo "Your password has been changed."; } else { echo " We can't update your password due to a database problem. Please try again later. "; } page_tail(); ?>