if (empty($username)) {
echo $errors . "email can not be empty";
} else {
if (empty($password)) {
echo $errors . "password can not be empty";
} else {
if ($password != $v_password) {
echo $errors . "your password and verified password are not same";
} else {
$qry1 = pg_query_params("select serviceprovider_id from techmatcher.serviceprovider where record_unlock_cd =upper(\$1)", array($activation_code));
$result = pg_fetch_assoc($qry1);
$sp_id = $result["serviceprovider_id"];
if ($result) {
$secure_password = md5($password);
$qry = "Update techmatcher.serviceprovider set contactemailaddress=\$1,companycode=\$2,\r\n record_locked=\$3,activation_date=now() Where serviceprovider_id=\$4";
$result = pg_query_params($qry, array($username, $secure_password, "FALSE", $sp_id));
$status = findByEmail($username);
if ($status) {
$_SESSION['provider'] = $status;
echo "OK";
} else {
echo $errors . "user is not found with the given email address";
}
} else {
echo $errors . "Sorry, we couldn't find that code. Please check the number and try again.";
}
}
}
}
}
}
<?php
session_start();
include_once '../dao/dbcon.php';
include_once '../dao/login_logout_dao.php';
include_once '../dao/provider.php';
$errors = "";
$emails = $_GET['email'];
$password = $_GET['pwd'];
$secure_pass = md5($password);
$status = check_user_status($emails, $secure_pass);
if ($status['usertype'] == 'serviceprovider') {
$_SESSION['provider']['serviceprovider_id'] = $status['user_id'];
$temp = findByEmail($emails);
$_SESSION['provider'] = $temp;
echo 'provider_home.php';
} else {
// doesn't exists
echo $errors .= "<li >Invalid username/password </li>";
}
