-
Notifications
You must be signed in to change notification settings - Fork 1
/
signin.php
72 lines (60 loc) · 1.73 KB
/
signin.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
<?php
require("dbconfig.php");
require("alertsLib.php");
$errmsg = "";
if (isset($_POST['signin']))
{
$uname = trim(stripslashes(htmlspecialchars($_POST['userName'])));
$pwd = trim(stripslashes(htmlspecialchars($_POST['pwd'])));
if ($uname!="" && $pwd!="")
{
checkActivate($uname,$pwd);
}
}
function checkActivate($uname,$pwd)
{
$sqlcheckActivate = "select users_id,email,activated from users
where (email='".$uname."' or username='".$uname."') and username!=''";
$result = mysql_query($sqlcheckActivate);
$num_rows = mysql_num_rows($result);
if ($num_rows>0)
{
$db = mysql_fetch_assoc($result);
if ($db['activated']=='y')
{
verifySignIn($uname,$pwd);
}else{
echo " Account has not been activated";
}
}else{
echo "Invalid account info..";
}
}
function verifySignIn($uname, $pwd)
{
$pwdhash = sha1($pwd);
$sql = "select users_id,surname,firstname,othernames,city,state,country,user_roles_id
from users where (email='".$uname."' or username='".$uname."') and pass='".$pwdhash."'";
$result = mysql_query($sql);
$num_rows = mysql_num_rows($result);
if ($num_rows>0)
{
session_start();
$db = mysql_fetch_assoc($result);
$_SESSION['userId'] = $db['users_id'];
$_SESSION['surname'] = $db['surname'];
$_SESSION['firstname'] = $db['firstname'];
$_SESSION['othernames'] = $db['othernames'];
$_SESSION['city'] = $db['city'];
$_SESSION['state'] = $db['state'];
$_SESSION['country'] = $db['country'];
$_SESSION['user_roles'] = $db['user_roles_id'];
$_SESSION['ag_signin'] = '1';
header("location:dashboard.php");
}else{
session_start();
$_SESSION['ag_signin']='';
session_destroy();
}
}
?>