Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php error_reporting(-1); ini_set('display_errors',1); ini_set('error_log', getcwd() .'error_log'); /* */ ?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <!-- meta -->
- <meta http-equiv="content-type" content="text/html; charset=utf-8" />
- <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" />
- <meta http-equiv="Expires" content="Tue, 01 Jan 1980 1:00:00 GMT" />
- <meta http-equiv="Pragma" content="no-cache" />
- </head>
- <body>
- <?php
- session_start();
- $f_usr= $_POST["myusername"];
- $f_pswd= $_POST["mypassword"];
- $_SESSION['email'] = $f_usr;
- //echo "password matched";
- //require 'connect_sql.php';
- $connection=mysql_connect("##","$$,"@@");
- if(! $connection)
- {
- die('Connection Failed'.mysql_error());
- }
- mysql_select_db("%%%",$connection);
- $key = '###';
- $sql4 = "SELECT password FROM users WHERE email = '$f_usr' ";
- $result_type4 = mysql_query($sql4,$connection) or die(mysql_error());
- $row4 = mysql_fetch_assoc($result_type4);
- $chk_pswd = $row4['password'];
- $decrypt_pswd = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($chk_pswd), MCRYPT_MODE_CBC, md5(md5($key))), "\0");
- $result = mysql_query("SELECT * FROM users WHERE email = '$f_usr'");
- if (strcmp ($decrypt_pswd, $f_pswd) == 0)
- {
- $sql = "SELECT usertype FROM users WHERE (email = '" . mysql_real_escape_string($_POST["myusername"]) . "')";
- $sql1 = "SELECT firstname FROM users WHERE (email = '" . mysql_real_escape_string($_POST["myusername"]) . "')" ;
- $sql2 = "SELECT lastname FROM users WHERE (email = '" . mysql_real_escape_string($_POST["myusername"]) . "')" ;
- $sql3 = "SELECT company FROM users WHERE (email = '" . mysql_real_escape_string($_POST["myusername"]) . "')" ;
- $result_type = mysql_query($sql,$connection) or die(mysql_error());
- $result_type1 = mysql_query($sql1,$connection) or die(mysql_error());
- $result_type2 = mysql_query($sql2,$connection) or die(mysql_error());
- $result_type3 = mysql_query($sql3,$connection) or die(mysql_error());
- $row1 = mysql_fetch_assoc($result_type1);
- $row2 = mysql_fetch_assoc($result_type2);
- $row3 = mysql_fetch_assoc($result_type3);
- $row = mysql_fetch_assoc($result_type);
- $_SESSION['firstname'] = $row1['firstname'];
- $_SESSION['lastname'] = $row2['lastname'];
- $_SESSION['usertype'] = $row['usertype'];
- $num = mysql_num_rows($result);
- if(mysql_num_rows($result) == 1 && $row['usertype'] == 'Business Owner' && $row3['company']== 'h')
- {
- $_SESSION['usertype4'] = $row['usertype'];
- header("rep_bo_h.php");
- }
- else if($num == 1 && $row['usertype'] == 'Business User' && $row3['company']== 'h')
- {
- $_SESSION['usertype2'] = $row['usertype'];
- header("rep_bu_h.php");
- }
- else if(mysql_num_rows($result) == 1 && $row['usertype'] == 'Business User'&& $row3['company']== 'w' )
- {
- $_SESSION['usertype3'] = $row['usertype'];
- header("Location: rep_bu_w.php");
- }
- else if(mysql_num_rows($result) == 1 && $row['usertype'] == 'Business Owner'&& $row3['company']== 'w' )
- {
- $_SESSION['usertype5'] = $row['usertype'];
- header("Location: rep_bo_w.php");
- }
- else if(mysql_num_rows($result) == 1 && $row['usertype'] == 'Business User'&& $row3['company']== 'c1' )
- {
- $_SESSION['usertype7'] = $row['usertype'];
- header("Location: rep_bu_c1.php");
- }
- else if(mysql_num_rows($result) == 1 && $row['usertype'] == 'Business Owner'&& $row3['company']== 'c1' )
- {
- $_SESSION['usertype6'] = $row['usertype'];
- header("Location: rep_bo_c1.php");
- }
- else if (mysql_num_rows($result) == 1 && $row['usertype'] == 'admin')
- {
- $_SESSION['usertype'] = $row['usertype'];
- include 'admin_select.php';
- }
- else if(mysql_num_rows($result) == 1 && $row['usertype'] == 'Staff')
- {
- $_SESSION['usertype1'] = $row['usertype'];
- include 'rep_staff_select.php';
- }
- else if(mysql_num_rows($result) == 1 && $row['usertype'] == 'Internal product owner')
- {
- $_SESSION['usertype1'] = $row['usertype'];
- include 'rep_intprodowner_select.php';
- }
- else
- echo "<script> alert('Authentication failed. Please try again ')</script>";
- }
- else
- {
- ?>
- <script type="text/javascript">
- alert("Username/password mismatch");
- window.location = "index.html";
- </script>
- <?php
- }
- ?>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement