#1 changePassword fails

[Darrell]

changePassword returns true but password is not
changed.

I see in the code there is a $result that is either true or
false. However, the last line of the function says "return
true;" rather than "return $result;"

The second query did not work with my mySQL. Field
and table names appear case sensitive.

Also, right or wrong, I could only get it to work by using
$_SESSION['user'] rather than $_SERVER
['PHP_AUTH_USER'].

Below is my changed function.

function changePassword($oldPassword, $newPassword)
{
$oldPassword = mysql_escape_string($oldPassword);
$newPassword = mysql_escape_string
($newPassword);

/* Retrieve session info */
$connection = mysql_escape_string($_SESSION
['connection']);
$user = mysql_escape_string($_SESSION['user']);

/* Update database */
$result=true;
$query = "UPDATE Users SET Password=PASSWORD
('".$newPassword."') ".
"WHERE User='".$user."' AND ".
"Password=PASSWORD('".$oldPassword."');";
$result = mysql_query($query)
or $this->error("Query on Users table
failed\n<BR>".
"Query:".$query."\n<BR>".
"Sql Error:".mysql_error(),true);

/* Update session info */
$query = "SELECT Password FROM Users ".
"WHERE User='".$user."' AND ".
"Password=PASSWORD('".$newPassword."');";
$result = mysql_query($query)
or $this->error("Query on Users table
failed\n<BR>".
"Query:".$query."\n<BR>".
"Sql Error:".mysql_error(),true);

if ($result) {
$line = mysql_fetch_array($result);
$_SESSION['password']=$line["Password"];
}
return $result;
}