<?php
include "../database.php";
session_start();
$new_password = $_POST["new_password"];
$hashed_password = password_hash($new_password, PASSWORD_DEFAULT);
$sql_update = "UPDATE users SET password='".$hashed_password."' WHERE id = " . $_SESSION['id'] . "";
if ($con->query($sql_update) === TRUE) {
    echo "ok";
} else {
    echo "error";
}