Viewing file:  login.php (3 KB) -rw-rw-rw-
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
<?php
include('../Connections/oa.php');
// *** Start the session
if (!session_id()) session_start();
// *** Validate request to log in to this site.
$FF_LoginAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING']) && $HTTP_SERVER_VARS['QUERY_STRING']!="") $FF_LoginAction .= "?".htmlentities($HTTP_SERVER_VARS['QUERY_STRING']);
if (isset($HTTP_POST_VARS['nombre'])) {
$FF_valUsername=$HTTP_POST_VARS['nombre'];
$FF_valPassword=$HTTP_POST_VARS['clave'];
$FF_fldUserAuthorization="";
$FF_redirectLoginSuccess="lista.php";
$FF_redirectLoginFailed="login.php";
$FF_rsUser_Source="SELECT nombre, clave ";
if ($FF_fldUserAuthorization != "") $FF_rsUser_Source .= "," . $FF_fldUserAuthorization;
$FF_rsUser_Source .= " FROM admin WHERE nombre='" . $FF_valUsername . "' AND clave='" . $FF_valPassword . "'";
mysql_select_db($database_oa, $oa);
$FF_rsUser=mysql_query($FF_rsUser_Source, $oa) or die(mysql_error());
$row_FF_rsUser = mysql_fetch_assoc($FF_rsUser);
if(mysql_num_rows($FF_rsUser) > 0) {
// username and password match - this is a valid user
$MM_Username=$FF_valUsername;
session_register("MM_Username");
if ($FF_fldUserAuthorization != "") {
$MM_UserAuthorization=$row_FF_rsUser[$FF_fldUserAuthorization];
} else {
$MM_UserAuthorization="";
}
session_register("MM_UserAuthorization");
if (isset($HTTP_SESSION_VARS['priorUrl']) && false) {
$FF_redirectLoginSuccess = $HTTP_SESSION_VARS['priorUrl'];
}
mysql_free_result($FF_rsUser);
session_register("FF_login_failed");
$FF_login_failed = false;
header ("Location: $FF_redirectLoginSuccess");
exit;
}
mysql_free_result($FF_rsUser);
session_register("FF_login_failed");
$FF_login_failed = true;
header ("Location: $FF_redirectLoginFailed");
exit;
}
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>
<body>
<table width="450" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><form id="form1" name="form1" method="POST" action="<?php echo $FF_LoginAction?>">
<table width="400" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="50%">Nombre</td>
<td><label>
<input name="nombre" type="text" id="nombre" />
</label></td>
</tr>
<tr>
<td width="50%">Clave</td>
<td><label>
<input name="clave" type="password" id="clave" />
</label></td>
</tr>
<tr>
<td width="50%"> </td>
<td><label>
<input type="submit" name="Submit" value="Ingresar" />
</label></td>
</tr>
</table>
</form>
</td>
</tr>
</table>
</body>
</html>
|