Hi, Guys Im new here im creating our system for Thesis , so our system is MIS ( Management Information System) it have subsystem of Employee Management System , Assests Management System, Customer Relation Management.
So when im creating log in i encounter this problems.
Im thinking that problem is came from core.php but i dont know how to fix it. Here is my indes.php
This is my core.php
<?php
ob_start();
session_start();
$current_file = $_SERVER['SCRIPT_NAME'];
function loggedin() {
if (isset($_SESSION['user_id'])&&!empty($_SESSION['user_id'])) {
return true;
} else {
return false;
}
}
function adminloggedin() {
if (isset($_SESSION['user_id'])&&!empty($_SESSION['user_id'])) {
return true;
} else {
return false;
}
}
?>
this is my loginform.
<?php
if (isset($_POST['eusername'])&&isset($_POST['epassword'])) {
$username = mysql_real_escape_string($_POST['eusername']);
$password = mysql_real_escape_string(md5($_POST['epassword']));
if (!empty($username)&&!empty($password)) {
$query = "SELECT * FROM tbl_account WHERE LogUsername='".$username."' AND LogPassword = '".$password."' AND type = 'ADMINISTRATION' ";
if ($query_run = mysql_query($query)) {
$query_num_rows = mysql_num_rows($query_run);
if ($query_num_rows==0) {
echo 'Invalid username/Password combination.';
} else if ($query_num_rows == 1) {
$user_id = mysql_result($query_run, 0, 'LogUsername');
$_SESSION['user_id']=$user_id;
$_SESSION['type'] = "EMPLOYEE";
header('Location:../MIS1/indes.php');
}
}
} else {
echo 'You must supply username/password.';
}
}
?>
<div id="employee">
<form action="<?php echo $current_file ?>" method="POST">
Employee ID: <input type="text" name="eusername"> </br>
Password: <input type="password" name="epassword">
<input type="submit" id="employeesubmit" value="Log in">
</form>
</div>
<div id="admin">
<form action="<?php echo $current_file ?>" method="POST">
Admin ID: <input type="text" name="username"> </br>
Password: <input type="password" name="password">
<input type="submit" id="adminsubmit" value="Log in">
</form>
</div>
this is my adminloginform.php
<?php
if (isset($_POST['username'])&&isset($_POST['password'])) {
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string(md5($_POST['password']));
if (!empty($username)&&!empty($password)) {
$query = "SELECT * FROM tbl_account WHERE LogUsername='".$username."' AND LogPassword = '".$password."' AND type = 'ADMINISTRATION' ";
if ($query_run = mysql_query($query)) {
$query_num_rows = mysql_num_rows($query_run);
if ($query_num_rows==0) {
echo 'Invalid username/Password combination.';
} else if ($query_num_rows == 1) {
$user_id = mysql_result($query_run, 0, 'LogUsername');
$_SESSION['user_id']=$user_id;
$_SESSION['type'] = "ADMININSTRATION";
}
}
} else {
echo 'You must supply username/password.';
}
}
?>
This is my connect.php
<?php
$conn_err ='Cant Connect';
$mysql_host = 'localhost';
$mysql_user = 'root';
$mysql_pass = '';
$mysql_db = 'mis';
if (!@mysql_connect($mysql_host, $mysql_user, $mysql_pass)||!@mysql_select_db($mysql_db)) {
die($conn_err);
}
?>
Please help me i need to it to continue my thesis i also attach the php files for who wants to try