$tmp = is_array($value) ? $value : trim($value); if (empty($tmp)) { $missing[] = $key; ${$key} = ''; $correction_required = true; } else { ${$key} = $tmp; } } if (!$correction_required) { // echo "ss"; // echo "use name is ",$user_name; // echo "password is ",$password; $db = mysql_connect('localhost', 'root', ''); mysql_select_db('teacher'); if (authenticate_teacher($user_name, $password)) { session_destroy(); session_start(); $_SESSION['teacher_login'] = true; $_SESSION['user_name'] = $user_name; header('Location: ' . 'teacher_home.php'); } else { $missing[] = 'user_name'; $missing[] = 'password'; $correction_required = true; // header ( 'Location: ' . 'home.php' ); } mysql_close(); } else { // echo "dd"; $missing[] = 'password';
${$key} = $tmp; } } if (!empty($new_password) && !empty($retype_password) && strcmp($new_password, $retype_password) == 0) { } else { $correction_required = true; $missing[] = 'new_password'; $missing[] = 'retype_password'; } if (!$correction_required) { // echo "ss"; // echo "use name is ",$user_name; // echo "password is ",$password; $db = mysql_connect('localhost', 'root', ''); mysql_select_db('teacher'); if (authenticate_teacher($user_name, $current_password)) { $salt = openssl_random_pseudo_bytes(6); $new_password1 = $new_password . $salt; $salted_password = md5($new_password1); mysql_select_db('teacher'); $q = sprintf("UPDATE account_info SET Password='******',Salt='%s' WHERE UserName='******'", $salted_password, $salt, $_SESSION['user_name']); //echo $q; $t = mysql_query($q); mysql_close(); $_SESSION['account_password_reseted'] = true; $_SESSION['reset_acc_name'] = $name; header('Location: ' . 'teacher_home.php'); } else { $wrong_password = true; $correction_required = true; }