Advertisement
Guest User

Untitled

a guest
Mar 16th, 2017
116
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.19 KB | None | 0 0
  1. <?php
  2. //If the form is submitted
  3. //If the form is submitted or not.
  4. if (isset($_POST['username']) and isset($_POST['password'])){
  5.  
  6. //Start the Session
  7. session_start();
  8. require('dbconnection.php');
  9.  
  10. //Assigning posted values to variables.
  11. $suername = $_POST['username'];
  12. $password = $_POST['password'];
  13. $staff_ic = $_POST['staff_ic'];
  14.  
  15. // To protect MySQL injection
  16. $username = stripslashes($username); //+1
  17. $password = stripslashes($password);
  18. $staff_ic = stripslashes($staff_ic);
  19. $username = mysql_real_escape_string($username); //-1
  20. $password = mysql_real_escape_string($password);
  21. $staff_ic = mysql_real_escape_string($staff_ic);
  22.  
  23.  
  24.  
  25. // Checking the values are existing in the database or not
  26. $query = "SELECT * FROM `staff` WHERE (username='$username'AND password='$password' AND staff_ic='$staff_ic')";
  27. //$result = mysql_query($query) or die(mysql_error($query));
  28. $result = mysql_query($query) or die(mysql_error($dbconn));
  29. $results = mysql_fetch_array($result);
  30.  
  31. $leveluser = $results['level'];
  32. $_SESSION['leveluser'] = $leveluser;
  33.  
  34. $count = mysql_num_rows($result);
  35.  
  36. // If the posted values are equal to the database values, then session will be created for the user.
  37. if ($count == 1){
  38. $_SESSION['username'] = $username;
  39.  
  40. }else{
  41.  
  42. //?>
  43. //<script type="text/javascript">
  44. //alert('HARAP MAAF\nHarap Maaf. Nama pengguna atau kata laluan yang diberikan tidak dibenarkan.');
  45. //window.location="staff_login.php";
  46. //</script>
  47.  
  48. //<?php
  49. // If the login credentials doesn't match, he will be shown with an error message.
  50. //$fmsg = "Invalid Login Credentials.";
  51. }
  52. }
  53.  
  54. // if the user is logged in Greets the user with message
  55. if (isset($_SESSION['username'])){
  56. $username = $_SESSION['username'];
  57. echo "Hai " . $username . "
  58. ";
  59. echo "This is the Members Area
  60. ";
  61. if ($leveluser == 1 ) {
  62. header('Location: home_adminppkt.php');
  63. }elseif ($leveluser == 2) {
  64. header('Location: home_orgsv.php');
  65.  
  66. }else {
  67. echo 'That information is incorrect, try again <a href="staff_login.php">Click Here</a>';
  68. header('Location: staff_login.php');
  69. }
  70.  
  71. }
  72. // When the user visits the page first time, simple login form will be displayed.
  73. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement