<?php
session_start();
include "conn/conn.php";
include "inc/func.php";
$sqlstr = "select * from tb_controller where manager = '" . $_POST[username] . "' and mana_pwd = '" . $_POST[pwd] . "'";
$result = mysql_query($sqlstr, $conn);
$record = mysql_fetch_row($result);
if ($record != "") {
$_SESSION["m_id"] = $record[0];
//管理员id
$_SESSION["controller"] = $_POST[username];
//管理员名称
w_log($_POST[action], $_SESSION[controller]);
//添加日志
echo "<script>alert('登录成功');location='admin_main.php';</script>";
} else {
echo "<script>alert('用户名或密码错误');history.go(-1);</script>";
}
<?php
session_start();
include "conn/conn.php";
include "inc/func.php";
$sqlstr = "select id,u_name,u_depart,is_on from tb_users where u_user = '******' and u_pwd = '" . $_POST[pwd] . "'";
$result = mysql_query($sqlstr, $conn);
$record = mysql_fetch_row($result);
if ($record != "" and $record[3] == 1) {
if (getGroup($conn, $record[1], $_POST[u_group])) {
$_SESSION["id"] = $record[0];
$_SESSION["u_name"] = $_POST[username];
$_SESSION["u_depart"] = read_field($conn, "tb_depart", "d_name", $record[2]);
$_SESSION["u_group"] = read_field($conn, "tb_group", "u_group", $_POST[u_group]);
w_log($_POST[action]);
echo "<script>alert('��ӭ����');location='pub_main.php';</script>";
} else {
echo "<script>alert('�û������������');history.go(-1);</script>";
}
} else {
echo "<script>alert('�û������������');history.go(-1);</script>";
}
