function check_login($user_id, $password)
{
$user_id = mysql_escape_string($user_id);
$pass2 = 'No Saved';
session_destroy();
session_start();
$sql = "INSERT INTO `loginlog` VALUES('{$user_id}','{$pass2}','" . $_SERVER['REMOTE_ADDR'] . "',NOW())";
@mysql_query($sql) or die(mysql_error());
$sql = "SELECT `user_id`,`password` FROM `users` WHERE `user_id`='" . $user_id . "'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
if ($row && pwCheck($password, $row['password'])) {
$user_id = $row['user_id'];
mysql_free_result($result);
return $user_id;
}
mysql_free_result($result);
return false;
}
$school = trim($_POST['school']);
$nick = trim($_POST['nick']);
$len = strlen($nick);
if ($len > 100) {
$err_str = $err_str . "Nick Name Too Long!";
$err_cnt++;
} else {
if ($len == 0) {
$nick = $user_id;
}
}
$password = $_POST['opassword'];
$sql = "SELECT `user_id`,`password` FROM `users` WHERE `user_id`='" . $user_id . "'";
$result = mysqli_query($mysqli, $sql);
$row = mysqli_fetch_array($result);
if ($row && pwCheck($password, $row['password'])) {
$rows_cnt = 1;
} else {
$rows_cnt = 0;
}
mysqli_free_result($result);
if ($rows_cnt == 0) {
$err_str = $err_str . "Old Password Wrong";
$err_cnt++;
}
$len = strlen($_POST['npassword']);
if ($len < 6 && $len > 0) {
$err_cnt++;
$err_str = $err_str . "Password should be Longer than 6!\\n";
} else {
if (strcmp($_POST['npassword'], $_POST['rptpassword']) != 0) {
