This question already has an answer here:
I have a system for users to change their email addresses. I get a success notice after submitting the form but the new email address doesn't show up in the database.
The Entire Code is below
<?php
session_start();
if(isset($_SESSION['id'])){
if(isset($_POST['change_email_submit'])){
require 'dbh.inc.php';
$registerId = $_SESSION['id'];
$registerUsername = $_SESSION['userId'];
$oldEmail = htmlspecialchars(trim($_POST['OriginalEmail']));
$newEmail = htmlspecialchars(trim($_POST['NewEmail']));
if(empty($oldEmail)){
header("Location:../change_email_address.php?error=EnterOriginaEmail");
exit();
}
if(empty($newEmail)){
header("Location:../change_email_address.php?error=NewEmailEmpty");
exit();
}else if(!filter_var($newEmail,FILTER_VALIDATE_EMAIL)){
header("Location:../change_email_address.php?error=invalidEmail");
exit();
}else{
$sql = "SELECT registerEmail FROM register WHERE registerId='$registerId' AND registerUsername='$registerUsername'";
$query = mysqli_query($conn,$sql);
$queryCheck = mysqli_num_rows($query);
if($queryCheck > 0){
if($row = mysqli_fetch_assoc($query)){
if($oldEmail == $row['registerEmail']){
mysqli_query("UPDATE register SET registerEmail='$newEmail' WHERE registerId='$registerId'");
header("Location:../change_email_address.php?update=success");
exit();
}else{
header("Location: ../change_email_address.php?error=emailunavailable");
exit();
}
}
}else{
header("Location:../change_email_address.php?error=noUser");
exit();
}
}
}else{
header("Location:../change_email_address.php");
exit();
}
}