SHOW:
|
|
- or go back to the newest paste.
1 | - | <?php |
1 | + | <?php |
2 | - | include 'database.php'; |
2 | + | |
3 | // Inialize session | |
4 | - | $email = $_POST['email']; |
4 | + | session_start(); |
5 | - | $password = $_POST['password']; |
5 | + | |
6 | // Include database connection settings | |
7 | - | if (!empty($_POST['email']) && !empty($_POST['password'])) |
7 | + | $hostname = 'localhost'; // Your MySQL hostname. Usualy named as 'localhost', so you're NOT necessary to change this even this script has already online on the internet. |
8 | - | { |
8 | + | $dbname = 'esca'; // Your database name. |
9 | - | $sql="SELECT * FROM tbl_customers_a156296 WHERE fld_customer_email = '$email' and fld_customer_password = '$password'"; |
9 | + | $username = 'root'; // Your database username. |
10 | - | $qid = mysql_query($sql); |
10 | + | $password = 'user123'; // Your database password. If your database has no password, leave it empty. |
11 | - | |
11 | + | |
12 | - | if($login=mysql_fetch_array($qid)) |
12 | + | // Let's connect to host |
13 | - | { |
13 | + | $connect = mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!'); |
14 | - | $email=$login["email"]; |
14 | + | // Select the database |
15 | - | $password=$login["password"]; |
15 | + | mysql_select_db("esca") or DIE('Database name is not available!'); |
16 | - | $_SESSION["email"]=$email; |
16 | + | |
17 | - | $_SESSION["password"]=$password; |
17 | + | |
18 | - | $_SESSION["auth"]=true; |
18 | + | |
19 | - | header('Location:index2.php'); |
19 | + | // Retrieve username and password from database according to user's input |
20 | - | exit; |
20 | + | $username=mysql_real_escape_string($_POST['user']); |
21 | $password=mysql_real_escape_string($_POST['pass']); | |
22 | - | /* |
22 | + | $encrypted_mypassword=md5($password); |
23 | - | $cid=$login['cid']; |
23 | + | $sql = "SELECT * FROM members WHERE (username = '$username') and (password = '$encrypted_mypassword')"; |
24 | - | $fname=$login['fname']; |
24 | + | $login = mysql_query($sql,$connect); |
25 | - | $_SESSION['fname']=$fname; |
25 | + | |
26 | - | $_SESSION['cid']=$cid; |
26 | + | if($login) |
27 | - | $_SESSION['auth']=true; |
27 | + | $count = mysql_num_rows($login) ; |
28 | - | header('Location:index2.php'); |
28 | + | |
29 | - | exit; |
29 | + | else |
30 | - | */ |
30 | + | die("something failed"); |
31 | - | } |
31 | + | |
32 | - | else { |
32 | + | // Check username and password match |
33 | - | //header ('Location:failurelogin.php'); |
33 | + | |
34 | - | echo "Maaf, Log Masuk tidak berjaya"; |
34 | + | while($row = mysql_fetch_assoc($login)){ |
35 | - | } |
35 | + | $_SESSION['username'] = $_POST['user']; |
36 | $_SESSION['nama'] = $row['nama']; | |
37 | $_SESSION['level'] = $row['typeuser']; | |
38 | $type = $_SESSION['level']; | |
39 | } | |
40 | ||
41 | if ($count != "") { | |
42 | ||
43 | switch ((int)$type) { | |
44 | case 4: | |
45 | $_SESSION['start'] = time(); | |
46 | $_SESSION['expire'] = $_SESSION['start'] + (3 * 6); | |
47 | ||
48 | header('Location: /esca/user'); // admin Level; | |
49 | break; | |
50 | case 3: | |
51 | $_SESSION['start'] = time(); | |
52 | $_SESSION['expire'] = $_SESSION['start'] + (30 * 60); | |
53 | header('Location: /esca/mrd'); | |
54 | break; | |
55 | ||
56 | default: | |
57 | $_SESSION['start'] = time(); | |
58 | $_SESSION['expire'] = $_SESSION['start'] + (30 * 60); | |
59 | header('Location: /esca/contr'); | |
60 | } | |
61 | ||
62 | ||
63 | } | |
64 | else { | |
65 | // Jump to login page | |
66 | session_destroy(); | |
67 | header('Location:/esca/page/login.php'); | |
68 | } | |
69 | ||
70 | ||
71 | ||
72 | ||
73 | ?> |