SHOW:
|
|
- or go back to the newest paste.
| 1 | - | <?php |
| 1 | + | <?php |
| 2 | - | include 'database.php'; |
| 2 | + | |
| 3 | // Inialize session | |
| 4 | - | $email = $_POST['email']; |
| 4 | + | session_start(); |
| 5 | - | $password = $_POST['password']; |
| 5 | + | |
| 6 | // Include database connection settings | |
| 7 | - | if (!empty($_POST['email']) && !empty($_POST['password'])) |
| 7 | + | $hostname = 'localhost'; // Your MySQL hostname. Usualy named as 'localhost', so you're NOT necessary to change this even this script has already online on the internet. |
| 8 | - | {
|
| 8 | + | $dbname = 'esca'; // Your database name. |
| 9 | - | $sql="SELECT * FROM tbl_customers_a156296 WHERE fld_customer_email = '$email' and fld_customer_password = '$password'"; |
| 9 | + | $username = 'root'; // Your database username. |
| 10 | - | $qid = mysql_query($sql); |
| 10 | + | $password = 'user123'; // Your database password. If your database has no password, leave it empty. |
| 11 | - | |
| 11 | + | |
| 12 | - | if($login=mysql_fetch_array($qid)) |
| 12 | + | // Let's connect to host |
| 13 | - | {
|
| 13 | + | $connect = mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!');
|
| 14 | - | $email=$login["email"]; |
| 14 | + | // Select the database |
| 15 | - | $password=$login["password"]; |
| 15 | + | mysql_select_db("esca") or DIE('Database name is not available!');
|
| 16 | - | $_SESSION["email"]=$email; |
| 16 | + | |
| 17 | - | $_SESSION["password"]=$password; |
| 17 | + | |
| 18 | - | $_SESSION["auth"]=true; |
| 18 | + | |
| 19 | - | header('Location:index2.php');
|
| 19 | + | // Retrieve username and password from database according to user's input |
| 20 | - | exit; |
| 20 | + | $username=mysql_real_escape_string($_POST['user']); |
| 21 | $password=mysql_real_escape_string($_POST['pass']); | |
| 22 | - | /* |
| 22 | + | $encrypted_mypassword=md5($password); |
| 23 | - | $cid=$login['cid']; |
| 23 | + | $sql = "SELECT * FROM members WHERE (username = '$username') and (password = '$encrypted_mypassword')"; |
| 24 | - | $fname=$login['fname']; |
| 24 | + | $login = mysql_query($sql,$connect); |
| 25 | - | $_SESSION['fname']=$fname; |
| 25 | + | |
| 26 | - | $_SESSION['cid']=$cid; |
| 26 | + | if($login) |
| 27 | - | $_SESSION['auth']=true; |
| 27 | + | $count = mysql_num_rows($login) ; |
| 28 | - | header('Location:index2.php');
|
| 28 | + | |
| 29 | - | exit; |
| 29 | + | else |
| 30 | - | */ |
| 30 | + | die("something failed");
|
| 31 | - | } |
| 31 | + | |
| 32 | - | else {
|
| 32 | + | // Check username and password match |
| 33 | - | //header ('Location:failurelogin.php');
|
| 33 | + | |
| 34 | - | echo "Maaf, Log Masuk tidak berjaya"; |
| 34 | + | while($row = mysql_fetch_assoc($login)){
|
| 35 | - | } |
| 35 | + | $_SESSION['username'] = $_POST['user']; |
| 36 | $_SESSION['nama'] = $row['nama']; | |
| 37 | $_SESSION['level'] = $row['typeuser']; | |
| 38 | $type = $_SESSION['level']; | |
| 39 | } | |
| 40 | ||
| 41 | if ($count != "") {
| |
| 42 | ||
| 43 | switch ((int)$type) {
| |
| 44 | case 4: | |
| 45 | $_SESSION['start'] = time(); | |
| 46 | $_SESSION['expire'] = $_SESSION['start'] + (3 * 6); | |
| 47 | ||
| 48 | header('Location: /esca/user'); // admin Level;
| |
| 49 | break; | |
| 50 | case 3: | |
| 51 | $_SESSION['start'] = time(); | |
| 52 | $_SESSION['expire'] = $_SESSION['start'] + (30 * 60); | |
| 53 | header('Location: /esca/mrd');
| |
| 54 | break; | |
| 55 | ||
| 56 | default: | |
| 57 | $_SESSION['start'] = time(); | |
| 58 | $_SESSION['expire'] = $_SESSION['start'] + (30 * 60); | |
| 59 | header('Location: /esca/contr');
| |
| 60 | } | |
| 61 | ||
| 62 | ||
| 63 | } | |
| 64 | else {
| |
| 65 | // Jump to login page | |
| 66 | session_destroy(); | |
| 67 | header('Location:/esca/page/login.php');
| |
| 68 | } | |
| 69 | ||
| 70 | ||
| 71 | ||
| 72 | ||
| 73 | ?> |
