Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- //This is the code for User Login page//
- <?php
- //Start session
- session_start();
- //Unset the variables stored in session
- unset($_SESSION['SESS_MEMBER_ID']);
- unset($_SESSION['SESS_FIRST_NAME']);
- unset($_SESSION['SESS_LAST_NAME']);
- ?>
- <html>
- <head>
- <title>
- Sales Management System
- </title>
- <link rel="shortcut icon" href="main/images/pos.jpg">
- <link href="main/css/bootstrap.css" rel="stylesheet">
- <link href="button.css" rel="stylesheet">
- <link rel="stylesheet" href="main/css/font-awesome.min.css">
- </head>
- <body background="bg.jpg">
- <font style=" font:bold 45px 'Aleo'; text-shadow:px px px #000; color:#fff;"><center>Sales Management System</center></font>
- <div id="login">
- <?php
- if( isset($_SESSION['ERRMSG_ARR']) && is_array($_SESSION['ERRMSG_ARR']) && count($_SESSION['ERRMSG_ARR']) >0 ) {
- foreach($_SESSION['ERRMSG_ARR'] as $msg) {
- echo '<div style="color: red; text-align: center;">',$msg,'</div><br>';
- }
- unset($_SESSION['ERRMSG_ARR']);
- }
- ?>
- <form action="login.php" method="post">
- <font style=" font:bold 25px 'Aleo'; text-shadow:px px px #000; color:#fff;"><center>Admin Login</center></font>
- <br>
- <div class="input-prepend">
- <span style="height:30px; width:25px;" class="add-on"><i class="icon-user icon-2x"></i></span><input style="height:40px;" type="text" name="username" border="5" Placeholder="Username" required/ ><br>
- </div>
- <br><div class="input-prepend">
- <span style="height:30px; width:25px;" class="add-on"><i class="icon-lock icon-2x"></i></span><input type="password" style="height:40px;" name="password" Placeholder="Password" required/><br>
- </div>
- <br><div class="qwe">
- <button class="myButton" href="dashboard.html" type="submit"><i class="icon-signin icon-large"></i> Submit</button>
- </div>
- </form>
- </div>
- </div>
- </div>
- </div>
- </body><br><br><div align="center"><font style=" font:bold 25px 'Aleo'; text-shadow:px px px #000; color:#fff;">Developed by Amandeep Singh</font></div>
- </html>
- //The Code for Login Validation page//
- <?php
- //Start session
- session_start();
- //Array to store validation errors
- $errmsg_arr = array();
- //Validation error flag
- $errflag = false;
- //Connect to mysql server
- $link = mysql_connect('localhost','root',"");
- if(!$link) {
- die('Failed to connect to server: ' . mysql_error());
- }
- //Select database
- $db = mysql_select_db('sales', $link);
- if(!$db) {
- die("Unable to select database");
- }
- //Function to sanitize values received from the form. Prevents SQL injection
- function clean($str) {
- $str = @trim($str);
- if(get_magic_quotes_gpc()) {
- $str = stripslashes($str);
- }
- return mysql_real_escape_string($str);
- }
- //Sanitize the POST values
- $login = clean($_POST['username']);
- $password = clean($_POST['password']);
- //Input Validations
- if($login == '') {
- $errmsg_arr[] = 'Username missing';
- $errflag = true;
- }
- if($password == '') {
- $errmsg_arr[] = 'Password missing';
- $errflag = true;
- }
- //If there are input validations, redirect back to the login form
- if($errflag) {
- $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
- session_write_close();
- header("location: index.php");
- exit();
- }
- //Create query
- $qry="SELECT * FROM user WHERE username='$login' AND password='$password'";
- $result=mysql_query($qry);
- //Check whether the query was successful or not
- if($result) {
- if(mysql_num_rows($result) > 0) {
- //Login Successful
- session_regenerate_id();
- $member = mysql_fetch_assoc($result);
- $_SESSION['SESS_MEMBER_ID'] = $member['id'];
- $_SESSION['SESS_FIRST_NAME'] = $member['name'];
- $_SESSION['SESS_LAST_NAME'] = $member['position'];
- //$_SESSION['SESS_PRO_PIC'] = $member['profImage'];
- session_write_close();
- header("location: main/index.php");
- exit();
- }else {
- //Login failed
- header("location: index.php");
- exit();
- }
- }else {
- die("Query failed");
- }
- ?>
Add Comment
Please, Sign In to add comment