login script:
'<'?php
function confirmUser($username, $password){
global $conn;
if(!get_magic_quotes_gpc()) {
$username = addslashes($username);
}
$query = "select emp_id,job_id from emp where emp_name = '$username'";
$result = mysql_query($query);
if(!$result || (mysql_numrows($result)'<'1)){ return 1;
}
$dbarray = mysql_fetch_array($result);
$dbarray['emp_id'] = stripslashes($dbarray['emp_id']);
$jobid = $dbarray['job_id'];
$_SESSION['job_id'] = $jobid;
$password = stripslashes($password);
$md5pass = md5($dbarray['emp_id']);
if($password == $md5pass){
return 0;
}
else{
return 2;
}
}
function checkLogin(){
global $_SESSION;
if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
$_SESSION['username'] = $_COOKIE['cookname'];
$_SESSION['password'] = $_COOKIE['cookpass'];
}
if(isset($_SESSION['username']) && isset($_SESSION['password'])){
if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
unset($_SESSION['username']);
unset($_SESSION['password']);
return false;
}
return true;
}
else{
return false;
}
}
function displayLogin(){
global $logged_in;
if($logged_in)
{
$jbid =$_SESSION['job_id'];
switch ($jbid)
{
case 1:
include 'index.php';
break;
case 2:
include 'index1.php';
break;
case 3:
include 'index2.php';
break;
case 4;
header('index3.php');
break;
}
}
else{
?>
'<'form id="login-form" action="" method="post">
UserName: '<'input type="text" name="user" maxlength="20" class="inputbox">
Password: '<'input type="password" name="pass" maxlength="4" class="inputbox">
Remember:'<'input type="checkbox" name="remember">
'<'input type="submit" class="button" name="sublogin" value="Log in">
'<'/form>
'<'?php
}
}
if(isset($_POST['sublogin'])){
if(!$_POST['user'] || !$_POST['pass']){
$report1 = 'You didn\'t fill in a required field.';
echo "";
}
$md5pass = md5($_POST['pass']);
$result = confirmUser($_POST['user'], $md5pass);
if($result == 1){
$report2 = 'That username doesn\'t exist in our database.';
echo "";
}
else if($result == 2){
$report3 = 'Incorrect password, please try again';
echo "";
}
$user = stripslashes($_POST['user']);
$_SESSION['username'] = $user;
$_SESSION['password'] = $md5pass;
$passwrd = $_POST['pass'];
$_SESSION['empid'] = $passwrd;
if(isset($_POST['remember'])){
setcookie("cookname", $_SESSION['username'], time()+60*60*24*6, "/");
setcookie("cookpass", $_SESSION['password'], time()+60*60*24*6, "/");
}
return;
}
$logged_in = checkLogin();
?>
No comments:
Post a Comment