Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /* Website Administrator for this domain - dependent on staff_id that is admin */
- $link=mysql_connect ('localhost', 'cm_esites','$password');
- if (!$link) {
- die('Could not connect: ' . mysql_error());
- }
- if (!mysql_select_db('cm_esites')) {
- die('Could not select database: ' . mysql_error());
- }
- // this requires that a matching username and password is found -- AND -- that user is
- // indicated as the staff_id_admin in e_sites_control as this is the only person (staff) working
- // for that that subscriber that can alter the website. However, a company may have many staff members
- // only one can administrate the website.
- $sql="select e_manresu.*, e_sites_control.site_id,e_staff.security_level
- from e_manresu,e_sites_control,e_staff
- where e_manresu.u_username='".$postget["uname"]."' AND e_manresu.u_password='".$postget["passwd"]."'
- AND e_sites_control.staff_id_admin = e_manresu.staff_id and e_staff.staff_id = e_manresu.staff_id";
- $result = mysql_query($sql);
- if (!$result) {
- die('Could not query:' . mysql_error());
- }
- while ($rows=mysql_fetch_assoc($result)){
- $config["admin_uname"]=$rows['u_username'];
- $config["admin_passwd"]=$rows['u_password'];
- $_SESSION['site_id']=$site_id=$rows['site_id'];
- if($rows['security_level']=='99'){
- $_SESSION['super_admin']='true';
- }
- }
- mysql_close($link);
- if( ($postget["uname"]==$config["admin_uname"]) && ($postget["passwd"]==$config["admin_passwd"]))
- {
- $_SESSION['encaps']['admin_uname'] = $config['admin_uname'];
- $_SESSION['encaps']['admin_passwd'] = $config['admin_passwd'];
- }
- else
- {
- // sleep(3);
- echo $_SESSION['encaps']['admin_passwd'];
- echo "Login failed";
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement