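<?php
// Log-in page.
//
// The POST handler runs before any markup is emitted: header('Location: ...')
// only works while no output has been sent, and the original ran it after the
// header template and the form had already been printed.
include('init.php'); // presumably starts the session and opens the MySQL link - confirm

$errors = array();

if (isset($_POST['login_email'], $_POST['user_name'], $_POST['login_password'])) {
    $login_email    = $_POST['login_email'];
    $user_name      = $_POST['user_name'];
    $login_password = $_POST['login_password'];

    if (empty($login_email) || empty($user_name) || empty($login_password)) {
        $errors[] = 'Email, user name and password required';
    } else {
        // Check the credentials first. Reporting the activation state before the
        // password is verified tells an unauthenticated visitor which user names
        // belong to active accounts.
        $login = login_check($login_email, $user_name, $login_password);
        if ($login === false) {
            $errors[] = 'Unable to log you in';
        } else if (user_active($user_name) === false) {
            $errors[] = 'You haven\'t activated your account!';
        }
    }

    if (empty($errors)) {
        // Issue a fresh session id at the privilege change so an id planted
        // before login (session fixation) is not carried into the
        // authenticated session.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $_SESSION['contact_id'] = $login;

        // user_page() takes no arguments and returns the contact's row (or false);
        // the contact type is the `idtype_of_contact` column of that row.
        $contact_row  = user_page();
        $contact_type = (is_array($contact_row) && isset($contact_row['idtype_of_contact']))
            ? (int) $contact_row['idtype_of_contact']
            : 0;

        switch ($contact_type) {
            case 1:
                $target = 'accountinactive.html';
                break;
            case 2:
                $target = 'test.php';
                break;
            case 3:
                // NOTE(review): the original sent an empty header for type 3;
                // the destination was never filled in, so no redirect happens.
                $target = null;
                break;
            default:
                $target = '../customer/index.php';
        }

        if ($target !== null) {
            header('Location: ' . $target);
            exit(); // stop here so nothing after the redirect is rendered
        }
    }
}

include '../customer/cust_temp/header.php';
?>
<form action="" method="post">
<p>
Email: <input type="email" name="login_email" />
User Name:<input type="text" name="user_name" />
Password: <input type="password" name="login_password" />
<input type="submit" value="Log in"/>
</p>
</form>
<div id="register"><a href="register.php" id="register">Register New User</a></div>
<?php
// Print each collected error on its own line, below the form as before.
foreach ($errors as $error) {
    echo $error, '<br />';
}
include '../customer/cust_temp/footer.php';
?>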
- <?php
/**
 * Tells whether the current session carries an authenticated contact.
 *
 * @return bool true when $_SESSION['contact_id'] is set and not null
 */
function logged_in(){
    if (isset($_SESSION['contact_id'])) {
        return true;
    }
    return false;
}
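/**
 * Verifies a contact's credentials against the `contact` table.
 *
 * The user name is part of the match: the original escaped it but left it out
 * of the WHERE clause, so any user name was accepted alongside a valid
 * email/password pair, and a caller's separate per-user-name check (such as
 * user_active()) was not tied to the account being authenticated.
 *
 * NOTE(review): passwords are stored and compared as unsalted MD5. Moving to
 * password_hash()/password_verify() needs the stored hashes migrated as well,
 * so it is flagged here rather than changed.
 * NOTE(review): the mysql_* extension was removed in PHP 7; mysqli or PDO
 * prepared statements are the replacement.
 *
 * @param string $login_email    e-mail address as submitted
 * @param string $user_name      user name as submitted
 * @param string $login_password clear-text password as submitted
 * @return mixed the matching contact_id, or false when the query fails or
 *               does not match exactly one row
 */
function login_check($login_email, $user_name, $login_password){
    $email         = mysql_real_escape_string($login_email);
    $user_name     = mysql_real_escape_string($user_name);
    $password_hash = md5($login_password); // hex digest, safe to interpolate

    $login_query = mysql_query("SELECT COUNT(`contact_id`) as `count` , `contact_id` FROM `contact` WHERE `email`='$email' AND `user_name`='$user_name' AND `password`='$password_hash'");
    if ($login_query === false) {
        // A failed query is treated as a failed login, not passed to mysql_result().
        return false;
    }

    return (mysql_result($login_query, 0) == 1) ? mysql_result($login_query, 0, 'contact_id') : false;
}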
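/**
 * Fetches the requested columns of the logged-in contact's row.
 *
 * Takes any number of column names as arguments. The returned array is the
 * argument list with one extra entry per column name: column name => value
 * (null when the row or column could not be read).
 *
 * @return array
 */
function user_data(){
    $args = func_get_args();
    if (empty($args)) {
        // No columns requested: skip the query, which would be invalid SQL.
        return $args;
    }

    // Quote each identifier and double any backtick inside it, so a column
    // name can never close the quoting and extend the statement.
    $quoted = array();
    foreach ($args as $field) {
        $quoted[] = '`' . str_replace('`', '``', $field) . '`';
    }
    $fields = implode(',', $quoted);

    // The id is concatenated unquoted, so force it to an integer first.
    $contact_id = isset($_SESSION['contact_id']) ? (int) $_SESSION['contact_id'] : 0;

    $query = mysql_query("SELECT $fields FROM `contact` WHERE `contact_id`=" . $contact_id);
    $query_result = ($query !== false) ? mysql_fetch_assoc($query) : false;

    $requested = $args; // iterate over a copy; $args is extended below
    foreach ($requested as $field) {
        $args[$field] = (is_array($query_result) && isset($query_result[$field]))
            ? $query_result[$field]
            : null;
    }
    return $args;
}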
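/**
 * Inserts a new customer row into `contact`.
 *
 * Every text value is escaped with mysql_real_escape_string(); the password
 * is stored as an MD5 hex digest.
 *
 * NOTE(review): unsalted MD5 is not a password hash. Switching to
 * password_hash() needs login_check() and the stored hashes changed together,
 * so it is flagged here rather than changed.
 * NOTE(review): the INSERT has no column list, so it depends on the exact
 * column order of `contact`; the meaning of the literal '0', '4' and '1'
 * values is not visible in this file.
 *
 * @return int id of the inserted row, or 0 when the INSERT failed
 */
function user_register($cust_f_name,$cust_m_name,$cust_l_name,$cust_comp_name,$cust_address,$cust_city,$cust_state,$cust_zip,$cust_phone,$cust_fphone,$cust_email,$cust_login,$cust_password){
    $company_name   = mysql_real_escape_string($cust_comp_name);
    $first_name     = mysql_real_escape_string($cust_f_name);
    $middle_name    = mysql_real_escape_string($cust_m_name);
    $last_name      = mysql_real_escape_string($cust_l_name);
    $address        = mysql_real_escape_string($cust_address);
    $city           = mysql_real_escape_string($cust_city);
    $state          = mysql_real_escape_string($cust_state);
    $zip            = mysql_real_escape_string($cust_zip);
    $business_phone = mysql_real_escape_string($cust_phone);
    $cell_phone     = mysql_real_escape_string($cust_fphone);
    $email          = mysql_real_escape_string($cust_email);
    $user_name      = mysql_real_escape_string($cust_login);

    $inserted = mysql_query ("
INSERT INTO `contact`
VALUES ('','$company_name','$first_name','$middle_name','$last_name','$address',
'$city','$state','$zip','$business_phone','','$cell_phone','','$email','0','$user_name',
'".md5($cust_password)."','4','','','','','','1',CURRENT_TIMESTAMP)");

    if ($inserted === false) {
        // After a failed statement mysql_insert_id() is not a reliable value;
        // report "nothing inserted" instead of a possibly stale id.
        return 0;
    }
    return mysql_insert_id();
}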
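/**
 * Reports whether at least one contact is registered under the given e-mail.
 *
 * The original compared the row count with exactly 1, so an address that was
 * already stored twice was reported as not existing.
 *
 * @param string $cust_email e-mail address to look up
 * @return bool false also when the query itself fails
 */
function user_exist ($cust_email){
    $cust_email = mysql_real_escape_string($cust_email);
    $query = mysql_query("SELECT COUNT(`contact_id`)FROM `contact` WHERE `email` = '$cust_email'");
    if ($query === false) {
        return false;
    }
    return (int) mysql_result($query, 0) > 0;
}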
/**
 * Reports whether exactly one contact has this user name and `active` = 1.
 *
 * @param string $user_name user name to look up
 * @return bool
 */
function user_active($user_name){
    $escaped_name = mysql_real_escape_string($user_name);
    $result = mysql_query ("SELECT COUNT(`contact_id`)FROM `contact` WHERE `user_name` = '$escaped_name' AND `active`= 1");
    $matches = mysql_result($result, 0);
    if ($matches == 1) {
        return true;
    }
    return false;
}
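/**
 * Looks up the contact type of the logged-in contact.
 *
 * The original ended the query with `.$_SESSION['contact_id']=1`, which PHP
 * parses as an assignment: it overwrote the session's contact id with 1 and
 * always queried contact 1. The id is now only read, and cast to an integer
 * because it is concatenated unquoted. The escape call on the undefined
 * $type_of_contact had no effect on the query and is removed.
 *
 * @return array|false row holding `idtype_of_contact`, or false when the
 *                     query fails or no row matches
 */
function user_page(){
    $contact_id = isset($_SESSION['contact_id']) ? (int) $_SESSION['contact_id'] : 0;
    $query = mysql_query("SELECT `idtype_of_contact` FROM `contact` WHERE `contact_id` = " . $contact_id);
    if ($query === false) {
        return false;
    }
    return mysql_fetch_assoc($query);
}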
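/**
 * Inserts a new employee row into `contact`.
 *
 * Every text value is escaped with mysql_real_escape_string(); the password
 * is stored as an MD5 hex digest.
 *
 * NOTE(review): $activeRadioBt is never used, while $access_level is written
 * into two columns. The first of them sits where user_register() writes '0',
 * so it may have been meant to receive $activeRadioBt - confirm against the
 * table definition.
 * NOTE(review): $access_level is stored as given; callers must not take it
 * from the person being registered.
 * NOTE(review): unsalted MD5 is not a password hash; changing it needs
 * login_check() and the stored hashes changed together.
 *
 * @return int id of the inserted row, or 0 when the INSERT failed
 */
function employee_register($first_name,$middle_name,$last_name,$address,$city,$state,$zip,$home_phone,$cell_phone,$email,$activeRadioBt,$user_name,$password,$access_level) {
    $first_name   = mysql_real_escape_string($first_name);
    $middle_name  = mysql_real_escape_string($middle_name);
    $last_name    = mysql_real_escape_string($last_name);
    $address      = mysql_real_escape_string($address);
    $city         = mysql_real_escape_string($city);
    $state        = mysql_real_escape_string($state);
    $zip          = mysql_real_escape_string($zip);
    $home_phone   = mysql_real_escape_string($home_phone);
    $cell_phone   = mysql_real_escape_string($cell_phone);
    $email        = mysql_real_escape_string($email);
    $user_name    = mysql_real_escape_string($user_name);
    $access_level = mysql_real_escape_string($access_level);

    $inserted = mysql_query ("
INSERT INTO `contact`
VALUES ('','','$first_name','$middle_name','$last_name','$address',
'$city','$state','$zip','','$home_phone','$cell_phone','','$email','$access_level','$user_name',
'".md5($password)."','$access_level','','','','','','7',CURRENT_TIMESTAMP)");

    if ($inserted === false) {
        // After a failed statement mysql_insert_id() is not a reliable value;
        // report "nothing inserted" instead of a possibly stale id.
        return 0;
    }
    return mysql_insert_id();
}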
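/**
 * Reports whether at least one contact is registered under the given e-mail.
 *
 * The original compared the row count with exactly 1, so an address that was
 * already stored twice was reported as not existing.
 *
 * @param string $email e-mail address to look up
 * @return bool false also when the query itself fails
 */
function employee_exist ($email){
    $email = mysql_real_escape_string($email);
    $query = mysql_query("SELECT COUNT(`contact_id`)FROM `contact` WHERE `email` = '$email'");
    if ($query === false) {
        return false;
    }
    return (int) mysql_result($query, 0) > 0;
}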
- ?>