<?php
include "../database.php";

session_start();

$new_password = $_POST["new_password"];

$hashed_password = password_hash($new_password, PASSWORD_DEFAULT);

$sql_update = "UPDATE users SET password='".$hashed_password."' WHERE id = " . $_SESSION['id'] . "";
if ($con->query($sql_update) === TRUE) {
    echo "ok";
} else {
    echo "error";
}

$con->close();