can you help me ..
<?php
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) {
if (empty($_POST['ID']) || empty($_POST['password'])) {
$error = "You must enter a username and password";
}
else
{
// Define $username and $password
$date = date('m/d/y - h:i A');
$ID=$_POST['ID'];
$password=$_POST['password'];
// To protect MySQL injection for Security purpose
$ID = stripslashes($ID);
$password = stripslashes($password);
$ID = mysql_real_escape_string($ID);
$password = mysql_real_escape_string($password);
// Selecting Database
$db = mysql_select_db($database, $connection);
// SQL query to fetch information of registerd users and finds user match.
$query = mysql_query("SELECT ID, password, pin, time FROM facultymember ".
"WHERE password='$password' AND ID='$ID'", $connection);
$query2 = mysql_query("SELECT time FROM facultymember ".
"WHERE password='$password' AND ID='$ID'", $connection);
$row = mysql_fetch_assoc($query);
list($lastlogin) = mysql_fetch_row($query2);
$update = mysql_query("UPDATE facultymember SET time=NOW() WHERE ID='$ID'",$connection);
$_SESSION['lastlogin'] = $lastlogin;
if (($_POST['ID']) != ($row['ID']) ||($_POST['password']) != ($row['password']) ) {
$error = "You entered an invalid username or password, your attempt has been stored.";
}
else{
if(false != $row){ // user info exists/correct
$_SESSION['login_user'] = $row['ID'];
if('1' == $row['pin']) { //not admin
header("location: homeFM.php"); // Redirecting To Other Page
die;
} else { //admin
header("location: homeA.php"); // Redirecting To Other Page
die;
}
} else { //login doesn't exist
$error = "Username or Password is invalid";
}
$_SESSION['login_user'] = 1;
mysql_close($connection); // Closing Connection
}
}
}
?>
the above code is login code in php , how i can attempt login for specific user ID ? should I use database ? I hope way that I can do without database
any way ,, any way it will be fine
Aucun commentaire:
Enregistrer un commentaire