Exemple #1
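/**
 * Render the student login page and process a submitted login form.
 *
 * Visitors for whom check_login() returns true are redirected to "./?sub".
 * Everyone else gets the page skeleton and the login form; when the POST data
 * contains "Login", the submitted credentials are checked against the
 * "<branchyear>_Students" table. On success the user id is stored in
 * $_SESSION['UserId'] and a redirect header is sent.
 *
 * $con and $branchyear are presumably defined by the included config files
 * (not visible here) -- TODO confirm.
 *
 * NOTE(review): passwords are stored as unsalted MD5, which is unsuitable for
 * password storage. Migrating needs a schema/data change outside this
 * function: store password_hash() output and verify with password_verify(),
 * rehashing each account on its next successful login.
 * NOTE(review): the mysql_* extension was removed in PHP 7; the queries should
 * move to PDO or mysqli prepared statements together with config/db.php.
 * NOTE(review): header() is called after HTML has been echoed, so the
 * redirect only works when output buffering is enabled.
 * NOTE(review): the two distinct failure messages tell a visitor whether a
 * user id exists; a single generic message would avoid that.
 *
 * @param string $title Page title handed to display_headers().
 * @return void
 */
function login($title)
{
    if (check_login()) {
        header('location:./?sub');
        return;
    }

    include 'config/db.php';
    include 'config/settings.php';
    include 'config/globals.php';

    echo "<!DOCTYPE html>\n<html>\n";
    display_headers($title);
    echo "\n<body>";
    menu1("login.php", "Login", "user");
    display_loginform();

    $table = $branchyear . '_Students';

    if (isset($_POST["Login"])) {
        // Non-string values (e.g. an array sent as UserId[]=x) count as empty input.
        $rawUser = (isset($_POST["UserId"]) && is_string($_POST["UserId"])) ? $_POST["UserId"] : '';
        $rawPass = (isset($_POST["Password"]) && is_string($_POST["Password"])) ? $_POST["Password"] : '';

        if (strlen(trim($rawUser)) === 0) {
            echo "<script>show_error('Error : User Id should not be null');</script>";
            exit;
        }
        // Test the raw password: md5() always yields 32 characters, so testing
        // the digest (as the code did before) could never detect an empty password.
        if (strlen(trim($rawPass)) === 0) {
            echo "<script>show_error('Error : Password should not be null');</script>";
            exit;
        }

        $user = mysql_real_escape_string($rawUser);
        $pass = md5($rawPass);

        $q = mysql_query("SELECT Id,Password FROM `{$table}` where Id='" . $user . "';");
        if ($q === false) {
            // Keep driver error text in the server log; do not send it to the browser.
            error_log('login: ' . mysql_error());
            die('Database error');
        }

        $res = mysql_fetch_array($q);
        if (empty($res)) {
            echo "<script>show_error('Error : Invalid User Id ... Please try again ');</script>";
        } elseif ($pass !== (string) $res["Password"]) {
            // Strict comparison: with != two different digests that both look
            // numeric (for example "0e" followed only by digits) compare equal.
            echo "<script>show_error('Error : Invalid Password ... Please try again ');</script>";
        } else {
            // Issue a fresh session id on privilege change so an id that was
            // known before authentication is not carried into the logged-in session.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }
            $_SESSION['UserId'] = $user;
            header("location: ./?sub");
        }
    }

    echo "\n</body>\n</html>";
    mysql_close($con);
}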
/**
 * Show the admin registration page to visitors who are not logged in.
 *
 * When check_login() returns true a redirect header to index.php is sent and
 * nothing is rendered. Otherwise the config files are included and the page
 * header, the menu and the registration form are printed.
 *
 * @param string $title Page title handed to display_headers().
 * @return void
 */
function adminReg($title)
{
    // Logged-in visitors are sent to the index page instead.
    if (check_login()) {
        header("location:index.php");
        return;
    }

    include 'config/db.php';
    include 'config/settings.php';
    include 'config/globals.php';

    // Database/table names derived from $branchyear; none of them is read
    // again inside this function.
    $usersDb = $branchyear . '_Users';
    $studentsTable = $branchyear . '_Students';
    $adminsTable = $branchyear . '_Admins';

    // Page skeleton first, then the menu and the form itself.
    echo "<!DOCTYPE html>\n<html>\n";
    display_headers($title);
    echo "\n<body>";

    menu1("adminreg.php", "Registration", "user");
    show_regform();
}
/**
 * Show the admin "forgot password" page to visitors who are not logged in.
 *
 * When check_login() returns true a redirect header to "./?sub" is sent and
 * nothing is rendered. Otherwise the config files are included and the page
 * header, the menu and the form are printed.
 *
 * @param string $title Page title handed to display_headers().
 * @return void
 */
function adminForgot($title)
{
    // Logged-in visitors do not need the recovery form.
    if (check_login()) {
        header("location:./?sub");
        return;
    }

    include 'config/db.php';
    include 'config/settings.php';
    include 'config/globals.php';

    // Database/table names derived from $branchyear; none of them is read
    // again inside this function.
    $usersDb = $branchyear . '_Users';
    $studentsTable = $branchyear . '_Students';
    $adminsTable = $branchyear . '_Admins';

    // Page skeleton first, then the menu and the form itself.
    echo "<!DOCTYPE html>\n<html>\n";
    display_headers($title);
    echo "\n<body>";

    menu1("adminforgot.php", "Forgot Password", "unlock");
    show_form();
}
Exemple #4
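/**
 * Render the "forgot password" page and process a password reset request.
 *
 * Visitors for whom check_login() returns true are redirected to "./?sub".
 * Otherwise the page and form are printed and, when the POST data contains
 * "forgot", the request is validated: the user id must exist in
 * "<branchyear>_Students", both password fields must match and be at least
 * 7 characters, and the submitted security code must equal the code of the
 * last row returned for that user from "<branchyear>_Passwords", be marked
 * 'valid', and have an EndTime in the future that is at most 7200 seconds
 * away. On success the stored password digest is replaced and the code is
 * marked 'used'.
 *
 * $con and $branchyear are presumably defined by the included config files
 * (not visible here) -- TODO confirm.
 *
 * NOTE(review): passwords are stored as unsalted MD5; migrate to
 * password_hash()/password_verify() together with the login code.
 * NOTE(review): the mysql_* extension was removed in PHP 7; move to PDO or
 * mysqli prepared statements together with config/db.php.
 * NOTE(review): nothing here limits how often a security code may be tried
 * for one user id; an attempt counter or lockout belongs next to this check.
 * NOTE(review): the "Invalid User Id" message tells a visitor whether a user
 * id exists.
 *
 * @param string $title Page title handed to display_headers().
 * @return void
 */
function login($title)
{
    if (check_login()) {
        header('location:./?sub');
        return;
    }

    include 'config/db.php';
    include 'config/settings.php';
    include 'config/globals.php';

    echo "<!DOCTYPE html>\n<html>\n";
    display_headers($title);
    echo "\n<body>";
    menu1("forgot.php", "Forgot Password", "unlock");
    display_form();

    if (isset($_POST["forgot"])) {
        // Read the fields as plain strings; non-string values (e.g. Code[]=x)
        // count as empty. Only the user id is escaped, right before it goes
        // into SQL. Escaping the passwords or the code with addslashes() would
        // change their value: a password containing a quote would be hashed
        // differently here than in the login code, which hashes the raw value.
        $fields = array();
        foreach (array('UserId', 'Code', 'Pass1', 'Pass2') as $name) {
            $fields[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
        }
        $rawUser = $fields['UserId'];
        $code = $fields['Code'];
        $pass1 = $fields['Pass1'];
        $pass2 = $fields['Pass2'];

        if (strlen(trim($rawUser)) === 0) {
            echo "<script>show_error('Error : User id should not be null');</script>";
            exit;
        }
        if (strlen(trim($code)) === 0) {
            echo "<script>show_error('Error : Security code should not be null');</script>";
            exit;
        }
        // The check enforces a minimum length of 7; the messages used to say
        // the opposite and were attached to the wrong field.
        if (strlen(trim($pass1)) < 7) {
            echo "<script>show_error('Error : Password length must be at least 7');</script>";
            exit;
        }
        if (strlen(trim($pass2)) < 7) {
            echo "<script>show_error('Error : Re-Password length must be at least 7');</script>";
            exit;
        }

        // Charset-aware escaping for the legacy driver (addslashes() is not).
        $user = mysql_real_escape_string($rawUser);
        $students = $branchyear . '_Students';
        $passwords = $branchyear . '_Passwords';
        $pass = md5($pass1);

        $q = mysql_query("SELECT Id,Password FROM `{$students}` where Id='" . $user . "';");
        if ($q === false) {
            // Keep driver error text in the server log; do not send it to the browser.
            error_log('forgot: ' . mysql_error());
            die('Database error');
        }
        $res = mysql_fetch_array($q);
        if (empty($res)) {
            echo "<script>show_error('Error : Invalid User Id ... Please try again ');</script>";
            exit;
        }

        // Strict comparison: with != two different numeric-looking strings
        // (e.g. "0e12345" and "0e54321") are treated as equal.
        if ($pass1 !== $pass2) {
            echo "<script>show_error('Error : Passwords does not matched ... Please try again ');</script>";
            exit;
        }

        $res = mysql_query("select `SNo`,`EndTime`, `Code`, `To`, `Status` from `{$passwords}` where `To` = '{$user}';");
        if ($res === false) {
            error_log('forgot: ' . mysql_error());
            die('Database error');
        }
        $n = mysql_num_rows($res);
        $dif = 0;
        $code1 = "";
        $status = "";
        $sn = 0;
        $StartTime = date('d-m-Y H:i:s');
        // Each row overwrites the previous one, so the last returned row decides.
        while ($row = mysql_fetch_array($res)) {
            $dif = strtotime($row['EndTime']) - strtotime($StartTime);
            $code1 = $row['Code'];
            $status = $row['Status'];
            $sn = $row['SNo'];
        }

        if ($dif <= 7200 && $dif > 0 && $n) {
            if ($status === 'valid') {
                // Strict, string-typed comparison of the secret code so that
                // numeric-looking codes such as "007" and "7" are not equal.
                if ((string) $code1 === $code) {
                    // Store the digest computed above. The listing showed a
                    // literal '******' in this statement, which would have
                    // left every reset account with an unusable password.
                    $q = mysql_query("update `{$students}` set Password = '" . $pass . "' where Id='" . $user . "';");
                    if ($q === false) {
                        error_log('forgot: ' . mysql_error());
                        die('Database error');
                    }
                    // NOTE(review): the two updates are not atomic; if the
                    // second one fails the code stays 'valid'.
                    $q = mysql_query("update `{$passwords}` set Status = 'used' where `SNo` ='" . mysql_real_escape_string($sn) . "';");
                    if ($q === false) {
                        error_log('forgot: ' . mysql_error());
                        die('Database error');
                    }
                    // The user id is request data: HTML-escape it and emit it
                    // as a JSON string literal so it cannot break out of the
                    // <script> element. show_success() presumably inserts the
                    // text as HTML -- TODO confirm.
                    $message = htmlspecialchars($rawUser, ENT_QUOTES, 'UTF-8') . ' password updated click on login button';
                    echo "<script>show_success("
                        . json_encode($message, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)
                        . ");</script>";
                } else {
                    echo "<script>show_error('<b>Error </b> : Security code does not matched ... Please try again ');</script>";
                }
            } else {
                echo "<script>show_error('<b>Error </b> : Security code already used ... Contact your CR ');</script>";
            }
        } else {
            echo "<script>show_error('<b>Error </b> : Security code expired ... Contact your CR');</script>";
        }
    }

    echo "\n</body>\n</html>";
    mysql_close($con);
}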