if (isset($_POST['pass']) && isset($_POST['email'])) { $email = $_POST['email']; $hashed = hashpass($_POST['pass']); $query = "select password from users \n where email='{$email}'"; $result = query_or_die($query, $con); $row = mysql_fetch_row($result); if (!$row) { $no_user = "******"; $help_text_user = "******"; } else { if ($row[0] == $hashed) { $_SESSION['email'] = $email; $new_password = $_POST['password']; $hash_new_password = hashpass($new_password); $new_query = "UPDATE users SET password = '******' where email='{$_POST['email']}'"; $new_result = query_or_die($new_query, $con); go_home(); } else { $bad_pass = "******"; $help_text_pass = "******"; } } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Graduate School Search</title> <meta name="description" content="Search for professors by research interest"> <meta name="author" content="Leah Alpert, Russell Cohen, Ram Bhaskar">
$new_password = generatePassword(9, 1); $hash_new_password = hashpass($new_password); if (isset($_POST['email'])) { $email = $_POST['email']; $new_query = "select password from users \n where email='{$_POST['email']}'"; $result = query_or_die($new_query, $con); $row = mysql_fetch_row($result); if (!$row) { $no_user = "******"; $help_text_user = "******"; } } $adminemail = '*****@*****.**'; if (isset($_POST['email'])) { $query = "UPDATE users SET password = '******' where email='{$_POST['email']}'"; $result = query_or_die($query, $con); } function generatePassword($length, $strength) { $vowels = 'aeuy'; $consonants = 'bdghjmnpqrstvz'; if ($strength & 1) { $consonants .= 'BDGHJLMNPQRSTVWXZ'; } if ($strength & 2) { $vowels .= "AEUY"; } if ($strength & 4) { $consonants .= '23456789'; } if ($strength & 8) {
function delete_user($uid) { $stmnt = "delete from users where id={$uid}"; return query_or_die($stmnt, get_con()); }