<?PHP require_once("c:\dbconnect\dbconnect.php"); if($HTTP_POST_VARS['us

1. <?PHP
2.  
3. require_once("c:\dbconnect\dbconnect.php");
4.  
5. if($HTTP_POST_VARS['username'] != "" && $HTTP_POST_VARS['password'] !=
6. ""){$HTTP_POST_VARS['password'] = md5($HTTP_POST_VARS['password']);
7.      
8.     $dataquery = "SELECT user_id, username, password, userlevel FROM news_users
9.                  WHERE username='$HTTP_POST_VARS[username]'
10.                  AND password='$HTTP_POST_VARS[password]'";
11.     $int = mysql_query($dataquery)
12.                         or die (mysql_error());
13.     $data = mysql_fetch_array($int);
14.  
15. if(($data['username'] == $HTTP_POST_VARS['username']) &&
16.    ($data['password'] == $HTTP_POST_VARS['password'])){
17.         session_register('userid');
18.         session_register('username');
19.         session_register('userlevel');
20.         session_register('owner_logged_in');
21.         session_register('admin_logged_in');
22.         session_register('super_logged_in');
23.         session_register('regular_logged_in');
24.         session_register('miniprofile');
25.        
26.         $_SESSION['userid'] = $data['user_id'];
27.         $_SESSION['username'] = $data['username'];
28.         $_SESSION['sn_user'] = $data['username'];
29.         $_SESSION['userlevel'] = $data['userlevel'];
30.         $_SESSION['miniprofile'] = $action['miniprofile'];
31.        
32.         if($data['userlevel'] == "owner"){
33.             $_SESSION['owner_logged_in'] = "yez";
34.             $_SESSION['admin_logged_in'] = "yez";
35.             $_SESSION['super_logged_in'] = "yez";
36.             $_SESSION['regular_logged_in'] = "yez";
37.             echo "<script>location.href='../../menus/menu.php'</script>";
38.         }
39.          elseif($data['userlevel'] == "admin"){
40.             $_SESSION['admin_logged_in'] = "yez";
41.             $_SESSION['super_logged_in'] = "yez";
42.             $_SESSION['regular_logged_in'] = "yez";
43.            /* echo "<script>location.href='../../index.php'</script>";*/
44.            echo "<script>location.href='../../menus/menu.php' </script>";
45.         }
46.         elseif($data['userlevel'] == "super"){
47.             $_SESSION['super_logged_in'] = "yez";
48.             $_SESSION['regular_logged_in'] = "yez";
49.             echo "<script>location.href='../../index.php'</script>";
50.         }
51.         elseif($data['userlevel'] == "regular"){
52.             $_SESSION['regular_logged_in'] = "yez";
53.             echo "<script>location.href='../../menus/menu.php'</script>";
54.         }
55.          
56.         }
57.         else
58.             session_destroy();
59.             echo "<script>history.back();</script>";
60.         }
61.         else
62.         {
63.         if($HTTP_POST_VARS['username'] == ""){
64.  
65.         echo "mangler brukernavn";
66.         /*echo "<script>location.href='../../index.php?mode=login&username=none'</script>"; */
67.         }
68.         elseif($HTTP_POST_VARS['password'] == ""){
69.         echo "mangler passord";
70.         /*echo "<script>location.href='../../index.php?mode=login&password=none'</script>"; */
71.     }
72.       if($HTTP_POST_VARS['miniprofil'] == "yez")
73.       {
74.  
75.         echo "<script>location.href='../../index.php?mode=login&username=none'</script>";
76.         }
77.         elseif($HTTP_POST_VARS['password'] == ""){
78.         echo "<script>location.href='../../index.php?mode=login&password=none'</script>";
79.     }      
80. }
81.  
82. ?>