<?php//okinclude 'common.php';session_start();$sn = session_id(); //ec

1. <?php
2. //ok
3. include 'common.php';
4. session_start();
5. $sn = session_id();
6. //echo $sn;
7. $expire_period = time()+60*60;
8. //$login_success = false;
9. if(isset($_COOKIE['login_success'])){
10. if ($_COOKIE['login_success']==true && !isset($_GET['logout'])){
11. $extra = "store.php?s=".$_COOKIE['session_id'];
12. header("Location: ".directoryURL($extra));
13.  
14. }
15.  
16. }
17.  
18. if(isset($_POST['loginName'])){
19. $loginName = $_POST['loginName'];
20. $pw = $_POST['pw'];
21.  
22. //MySQL
23. include 'mysqlQuery.php';
24. $connet=mysqlConnect();
25. //check login Name
26. $query = "SELECT pw FROM users WHERE loginName='".$loginName."';";
27. $rs=mysqlQuery($query,$connet);
28. $errMsg = $errMsg . mysql_error();
29. $pws = mysql_fetch_row($rs);
30. $rpw = $pws[0];
31. mysqlClose($connet);
32. //end my SQL
33.  
34. setcookie("login_success", false, $expire_period);
35. if($pw == $rpw){
36. //$login_success = true;
37. //session_regenerate_id();
38. //echo $sn;
39. setcookie("login_success", true, $expire_period);
40. setcookie("login_time", date(DATE_COOKIE), $expire_period);
41. setcookie("session_id", $sn, $expire_period);
42. $_SESSION['loginName']=$loginName;
43.  
44. $extra = "store.php?s=".$sn;
45. header("Location: ".directoryURL($extra));
46. exit();
47. }
48. else{
49. header( "Location:".$_SERVER['PHP_SELF']."?error=1");
50. //echo "fail";
51. }
52. }
53.  
54. if(isset($_GET['logout'])&& $_GET['logout']==1){
55. setcookie("login_success", '', time()-3600);
56. setcookie("login_time", '', time()-3600);
57. session_regenerate_id();
58. setcookie("session_id", '', time()-3600);
59. session_destroy();
60. header( "Location:".$_SERVER['PHP_SELF']."?logout=0" );
61. exit();
62. }
63. ?>
64. <html>
65. <header>
66. <title>321 Apparel Shopping Store</title>
67. <link rel="stylesheet" href="css/style.css" type="text/css" />
68. <script type="text/javascript" src="./js/form_login.js"></script>
69. <script type="text/javascript">
70. /*function display() {
71. var xmlhttp = new XMLHttpRequest();
72. xmlhttp.onreadystatechange=function() {
73. if (xmlhttp.readyState==4 && xmlhttp.status==200) {
74. document.getElementById("imageDiv").innerHTML=xmlhttp.responseText;
75. }
76. };
77. var dt = new Date( ).valueOf();
78. xmlhttp.open("GET", "advertisement.php"+ "?dt=" + dt, true);
79. xmlhttp.send();
80. setTimeout("display();", 3000);
81. }*/
82.  
83.  
84. </script>
85. </header>
86. <body onLoad="display()">
87.  
88. <h1>
89. Welcome to 321 Apparel Shopping Store
90. </h1>
91.  
92. <p class = "description" align="center">
93. <img src = "fashion.jpg"/><br><br>
94. Please login to continue <a href="registration.php">New User?</a> </p>
95.  
96. <form name="frm_login" method="POST" action="<?php echo $_SERVER['PHP_SELF']; ?>">
97. <table class="login" align="center">
98. <tr>
99. <td rowspan="4" scope="col"><div align="center" id="imageDiv" ></div></th>
100. <td id="lgn">Username : </td>
101. <td><input name="loginName" type="text"></td>
102. </tr>
103. <tr>
104. <td id="pw" >Password : </td>
105. <td><input name="pw" type="password"></td>
106. </tr>
107. <tr>
108. <td><input type="submit" value="Login" onClick="return validate()"></td>
109. <td></td>
110. </tr>
111. <tr>
112. <td class="red" height = '40' colspan='2'><?php
113. if(isset($_GET['error'])){
114. echo "Wrong Login name or password.";
115. }
116. if(isset($_GET['logout'])){
117. echo "You have logged out sucessfully.";
118. }
119. if(isset($_GET['expired'])){
120. echo "Your login session has expired.";
121. }
122. ?></td>
123. </tr>
124. </table>
125. </form>
126. </div>
127. </body>
128. </html>