?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Home2</title>
</head>
<body>
<?php
if ($_POST && validateRequired($name)) {
?>
<p>Име: <?php
echo $name;
?>
<p>Парола: <?php
echo passCheck($pass, $pass2);
?>
<?php
} elseif ($_POST && !validateRequired($name)) {
?>
</p>Грешно въведено име.</p>
<?php
}
?>
<form method="post">
<div>
<label for="userName">User Name</label>
<input type="text" id="userName" name="userName" >
</div>
<div>
<label for="pass">Password</label>
<?php
session_start();
require_once "../include.php";
if (!isIn() || !isTeacher()) {
header("Location: ../");
exit;
}
$passchangeFailed = false;
if (isset($_POST["currpass"]) && isset($_POST["newpass"])) {
global $mysqlusername, $mysqlpassword, $mysqldatabase, $mysqllocation;
$db = new mysqli($mysqllocation, $mysqlusername, $mysqlpassword, $mysqldatabase);
$query = "SELECT userid FROM users WHERE userkey = " . $_SESSION["userkey"] . " LIMIT 1";
$result = $db->query($query) or die($db->error);
$row = $result->fetch_assoc();
if (passCheck($_POST["currpass"], $row["userid"])) {
$salt = generateSalt();
$password = passHash($_POST["newpass"], $row["userid"], $salt);
$salt = $db->escape_string($salt);
$query = "UPDATE users SET password='******', salt='{$salt}' WHERE userkey=" . $_SESSION["userkey"];
$db->query($query) or die($db->error);
$_SESSION["remarks"] = "<script>alert('Password changed successfully.');</script>";
header("Location: addschedule.php");
exit;
} else {
$passchangeFailed = true;
}
}
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
