public function LogIn($username, $password, $module)
{
$con = mysql_connect($this->myHost, $this->username, $this->password);
if (!$con) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db($this->database, $con);
$result = mysql_query("SELECT employeeID,username,password,module FROM registeredUser where username = '******' and module = '" . mysql_real_escape_string($module) . "' ");
while ($row = mysql_fetch_array($result)) {
$this->UserPassword = Encryption::decrypt(Encryption::ENCRYPT_DECRYPT($row['password']));
$this->UserName = $row['username'];
$this->UserModule = $row['module'];
$this->UserEmployeeID = $row['employeeID'];
}
}
<?php
include "encrypt.php";
$username = $_POST['username'];
$password = $_POST['password'];
$module = $_POST['module'];
$key = $_POST['key'];
$name = $_POST['name'];
$ro = new database();
if ($username == "" || $password == "") {
echo "\n<script>\nalert('Pls compplete the registration');\nhistory.go(-1);\n</script>\n";
} else {
if ($key == "9k7n3m2l921zdke=~!d9cja#=\$58&8!<>edDr8@!2Df~~##4@-[9k8j4m9x7ak0m29szla183jd1zxkaj1j4s5ac971k8jt3]") {
$username1 = mysql_real_escape_string(strip_tags($username));
$password1 = mysql_real_escape_string(strip_tags($password));
$encrypt_password = Encryption::encrypt($password1);
$encrypt_password1 = Encryption::ENCRYPT_DECRYPT($encrypt_password);
$ro->addUser($username, $encrypt_password1, $module, "Pagadian", $name);
} else {
header("Location: addUser.php");
}
}
