session_start();
if($_SESSION['UserID'] == "")
{
echo "Please Login!";
exit();
}
mysql_connect("localhost","root","@14012518");
mysql_select_db("bcnu_login");
if($_POST["txtPassword"] != $_POST["txtConPassword"])
{
echo "Password not Match!";
exit();
}
$strSQL = "UPDATE member SET Password = '".trim($_POST['txtPassword'])."'
,Name = '".trim($_POST['txtName'])."' WHERE UserID = '".$_SESSION["UserID"]."' ";
$objQuery = mysql_query($strSQL);
echo "Save Completed!
";
if($_SESSION["Status"] == "ADMIN")
{
echo "
Go to Admin page";
}
else
{
echo "
Go to User page";
}
mysql_close();
?>