function do_login($auto_login = 0) { global $GO; global $ROW; // Are we already logged in? do_logout(); // Everybody goes home after login $GO = "Home"; // Auto login? if ($auto_login) { // Happens after registration session_regenerate_id(true); $_SESSION['logged_in'] = 1; $_SESSION['user_id'] = $auto_login; $_SESSION['fname'] = $ROW["fname"]; // This is the row used for registration $_SESSION['email_id'] = $ROW["email_id"]; } else { if (get_arg($_POST, "lemail_id") && get_arg($_POST, "lpassword")) { // Get parameters $_email_id = get_arg($_POST, "lemail_id"); $_password = get_arg($_POST, "lpassword"); // Validate ALL parameters if (!validate("Email ID", $_email_id, 5, 100, "EMAIL") || !validate("Password", $_password, 5, 100, "PASSWORD")) { add_msg('ERROR', "The email ID or password you entered is incorrect</br>"); return; } ################################################## # DB LOGIN # ################################################## $ROW = db_do_login($_email_id, $_password); if ($ROW[0]['STATUS'] == "OK" && $ROW[0]["NROWS"] == 1) { session_regenerate_id(true); $_SESSION['email_id'] = $_email_id; $_SESSION['logged_in'] = 1; $_SESSION['user_id'] = $ROW[0]["user_id"]; $_SESSION['fname'] = $ROW[0]["fname"]; add_msg('SUCCESS', "Welcome " . $ROW[0]["fname"] . "! </br>"); if ($ROW[0]["type"] == "E") { $_SESSION['employee'] = 1; // For employees store a backup of their details since they // switch roles often $_SESSION['e_user_id'] = $ROW[0]["user_id"]; $_SESSION['e_fname'] = $ROW[0]["fname"]; $_SESSION['e_email_id'] = $_email_id; } } } } // logged_in will not be set if we failed anywhere above if (!isset($_SESSION['logged_in']) || !$_SESSION['logged_in']) { add_msg('ERROR', "1The email ID or password you entered is incorrect</br>"); } }
function do_login($auto_login = 0) { global $GO; global $ROW; global $DOMAIN; // Are we already logged in? do_logout(); // Auto login? if ($auto_login) { // Happens after registration session_regenerate_id(true); $_SESSION['logged_in'] = 1; $_SESSION['user_id'] = $auto_login; $_SESSION['name'] = $ROW["name"]; // This is the row used for registration $_SESSION['email_id'] = $ROW["email_id"]; } else { if (get_arg($_POST, "lemail_id") && get_arg($_POST, "lpassword")) { // Get parameters $_email_id = get_arg($_POST, "lemail_id"); $_password = get_arg($_POST, "lpassword"); // Validate ALL parameters if (!validate("Email ID", $_email_id, 5, 100, "EMAIL") || !validate("Password", $_password, 5, 100, "PASSWORD")) { add_msg('ERROR', "The email ID or password you entered is incorrect</br>"); return; } ################################################## # DB LOGIN # ################################################## $ROW = db_do_login($_email_id, $_password, $DOMAIN); LOG_ARR("INFO", "ROW", $ROW); if ($ROW[0]['STATUS'] == "OK" && $ROW[0]["NROWS"] == 1) { session_regenerate_id(true); $_SESSION['email_id'] = $_email_id; $_SESSION['logged_in'] = 1; $_SESSION['user_id'] = $ROW[0]["user_id"]; $_SESSION['name'] = $ROW[0]["name"]; $_SESSION['is_admin'] = 0; $_SESSION['is_supervisor'] = 0; $_SESSION['is_superuser'] = 0; $_SESSION['is_viewer'] = 0; $_SESSION['travel_id'] = $ROW[0]["travel_id"]; $_SESSION['domain'] = $ROW[0]["domain"]; $_SESSION['travel_name'] = $ROW[0]["travel_name"]; if ($ROW[0]["type"] == "ADMIN") { $_SESSION['is_admin'] = 1; } if ($ROW[0]["type"] == "VIEWER") { $_SESSION['is_viewer'] = 1; } if ($ROW[0]["type"] == "SUPERVISOR") { $_SESSION['is_supervisor'] = 1; $_SESSION['supervisor_id'] = $ROW[0]["supervisor_id"]; } if ($ROW[0]["type"] == "SUPERUSER") { $_SESSION['is_superuser'] = 1; } add_msg('SUCCESS', "Welcome " . $ROW[0]["name"] . "! </br>"); } } } // logged_in will not be set if we failed anywhere above if (!isset($_SESSION['logged_in']) || !$_SESSION['logged_in']) { add_msg('ERROR', "The email ID or password you entered is incorrect</br>"); } LOG_ARR("INFO", "SESSION", $_SESSION); }