Reset Password Form Skipping An If Statement.

For some reason, my lost password form seems to be completely skipping part of the code. I'm very new to PHP, so I apologize now for my messy code.

 
   // first off.. do you belong here?
   if ($lostrows != 0) {
   
       // the link is valid, but is it expired?
       $expire_check = strtotime($expire);
       $expire_diff = time() - $expire_check;
 
           if ($expire_diff <= 7200) {
               if ($found_password) {

PHP:

Up to this point works just fine - it checks to see if the link is valid or expired. Works wonderfully.


This is where everything dies:

                        if (ISSET($new_password) && ($new_password === $new_password2)) {
                           if (strlen($new_password)>25||strlen($new_password)<6) {
                               $update_password_msg = "Your password must be between 6 and 25 characters.";
                           } else {
                               $update_password = mysql_query("UPDATE users SET password='$change_password' WHERE id=$db_id");
                               $update_password_msg = "Your password was successfully changed. Don't forget your new password!";
                               require_once('footer.php');
                               die();
                           }
                       } else {
                       $update_password_msg = "Your passwords don't match.";
                       }

PHP:

It's supposed to check if the two passwords in the form match, but it doesn't. I can put anything in the form or even just leave it blank and all it's coming back with is the error for the length of the password, even if the passwords match.

I'm not sure how relevant it is but here is the rest of the code:

                } else {
                   echo mysql_error();
               }
               
               
           } else {
               echo "This link has expired! <a href=\"/lostpassword.php\">Request a new link?</a>";
               require_once('footer.php');
               die();
           }
       
   } else {
       echo "This link isn't valid.";
       require_once('footer.php');
       die();
   }
 
echo (isset($update_password_msg) ? $update_password_msg : '');
 
include ('template/foundpassword.php');

PHP:

And the HTML form for name references (I did check that all the names matched up, but maybe I missed something..):

<form action="lostpassword.php<? echo "?linkid=" . $get_step . ""; ?>" method="post" name="found_password">
<table width="100%" class="profile_edit">
 
   
   <tr>
       <td class="row1">
           <b>Username:</b>
       </td>
       <td class="row2">
           <? echo $db_username ?>
       </td>
   </tr>    
   
 
   <tr>
       <td class="row1">
       <b>Password:</b>
       </td>
       
       <td class="row2">
           <input type="password" name="new_password" value="" />
       </td>
   </tr>
   
   <tr>
       <td class="row1">
       <b>Repeat Password:</b>
       </td>
       
       <td class="row2">
           <input type="password" name="new_password2" value="" />
       </td>
   </tr>
   
 
   
   
   <tr>
       <td colspan="2" class="row3">
           <input type="submit" name="found_password" value="Change Password" />
       </td>
   </tr>
</table>
</form>

HTML:

 

Try this:

echo '"'.$new_password.'" is '.strlen($newpassword).' characters long.';
exit;
if (ISSET($new_password) && ($new_password === $new_password2)) {

Code (markup):

That may give you a clue.

 

Ah, that was perfect! I had the variables set wrong and it was just returning '1' every time, so it went right to the length check. Thank you!