<?phpif($_SERVER["REQUEST_METHOD"] == "POST") {$host = "heroindetoxeurop

1. <?php
2.  
3. if($_SERVER["REQUEST_METHOD"] == "POST") {
4.  
5. $host = "heroindetoxeurope.com";
6. $username = "wwwhero";
7. $password = "S)v{O#ETXypB";
8. $db_name = "wwwhero_heroindetox";
9. $tbl_name="users"; // Table name
10.  
11. // Connect to server and select databse.
12. mysql_connect("$host", "$username", "$password")or die("cannot connect");
13. mysql_select_db("$db_name")or die("cannot select DB");
14.  
15. // username and password sent from form
16. $username=$_POST['username'];
17. $password=$_POST['password'];
18.  
19. // To protect MySQL injection (more detail about MySQL injection)
20. $username = stripslashes($username);
21. $password = stripslashes($password);
22. $username = mysql_real_escape_string($username);
23. $password = mysql_real_escape_string($password);
24. $sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
25. $result=mysql_query($sql);
26.  
27. // Mysql_num_row is counting table row
28. $count=mysql_num_rows($result);
29.  
30. // If result matched $myusername and $mypassword, table row must be 1 row
31. if($count==1){
32. // Register $username, $password and redirect to file "index.php"
33. session_register("username");
34. session_register("password");
35. if($username == "vuk" || $username == "petar" || $username == "jelena" || $username == "irena" || $username == "test") {
36. $_SESSION['loggedin'] = true;
37. $_SESSION['username'] = $username;
38. echo '
39. <script type="text/javascript">
40.  
41. window.location = "http://heroindetoxeurope.com/crm/vorobjev/index.php"
42.  
43. </script>';
44. }
45. else if ($username == "admin" || $username == "dusan"){
46. $_SESSION['loggedin'] = true;
47. $_SESSION['username'] = $username;
48. echo '
49. <script type="text/javascript">
50.  
51. window.location = "http://heroindetoxeurope.com/crm/vorobjev/index1.php"
52.  
53. </script>';
54. }
55. }
56. else {
57. $error = "Pogresna kombinacija korisnickog imena i lozinke!";
58. }
59. }
60. ?>
61. <html>
62. <head>
63. <title>User Login - Management system</title>
64. <script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"></script>
65. <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css"/>
66. <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
67. <link rel="stylesheet" type="text/css" href="css/login.css"/>
68. <link rel="shortcut icon" type="image/ico" href="images/fav.ico"/>
69. </head>
70.  
71. <body>
72. <div class="container" style="margin-top: 200px;">
73. <?php if(isset($smsg)){ ?>
74. <div class="alert alert-success" role="alert">
75. <?php echo $smsg; ?>
76. </div>
77. <?php } ?>
78. <?php if(isset($fmsg)){ ?>
79. <div class="alert alert-danger" role="alert">
80. <?php echo $fmsg; ?>
81. </div>
82. <?php } ?>
83. <form name="login-form" class="login-form" method="post">
84. <div class="header">
85. <h1 style="text-align: center;">Dr Vorobjev Management System</h1>
86. </div>
87. <div class="content">
88. <input name="username" type="text" class="input username" placeholder="Username" name="username" required="" />
89. <div class="user-icon"></div>
90. <input name="password" type="password" class="input password" placeholder="Password" name="password" required="" />
91. <div class="pass-icon"></div>
92. </div>
93. <div class="footer">
94. <button class="button" type="submit">Login</button>
95. </div>
96. </form>
97. <div style = "font-size:11px; color:#cc0000; margin-top:10px; text-align: center;"><?php echo $error; ?></div>
98. </div>
99. </body>
100. </html>