<?php /*** Autoload class files ***/ function __autoload($class) { require '../include/' . strtolower($class) . '.class.php'; } $funcbase = new dbutils(); /*** conexion a bd ***/ $mysqli = $funcbase->conecta(); if (is_object($mysqli)) { /*** checa login***/ $funcbase->checalogin($mysqli); } else { die("<h1>'No se establecio la conexion a bd'</h1>"); } $req = "SELECT idsuccliente,nom_corto FROM succliente WHERE nom_corto like '" . mysqli_real_escape_string($mysqli, $_GET['term']) . "%' && status <> 2"; $query = mysqli_query($mysqli, $req); while ($row = mysqli_fetch_array($query)) { $results[] = array_map('utf8_encode', array('label' => $row['nom_corto'], 'idsuccliente' => $row['idsuccliente'])); } /* liberar la serie de resultados */ mysqli_free_result($query); /* cerrar la conexion */ mysqli_close($mysqli); /*funcion de conversion de caracteres */ /* rutina para detectar falta de resultados */ if (!isset($results)) { $results = -99; echo json_encode($results); } else {
<?php /*** Autoload class files ***/ function __autoload($class) { require 'include/' . strtolower($class) . '.class.php'; } //directiva a la conexion con base de datos $funcbase = new dbutils(); $mysqli = $funcbase->conecta(); /*** si se establecio la conexion***/ if (is_object($mysqli)) { session_start(); $error = ""; if ($_SERVER["REQUEST_METHOD"] == "POST") { // username and password sent from form $myusername = mysqli_real_escape_string($mysqli, $_POST['username']); $mypassword = mysqli_real_escape_string($mysqli, $_POST['password']); $sql = sprintf("SELECT id,nombre,empresa,nivel FROM usuarios WHERE username='******' \n and passcode=(AES_ENCRYPT('%s','%s'))", $mypassword, $mypassword); $result = mysqli_query($mysqli, $sql); $row = mysqli_fetch_array($result); $nivel = $row[3]; $username = $row[1]; $empre = $row[2]; $count = mysqli_num_rows($result); $result->free(); $mysqli->close(); // If result matched $myusername and $mypassword, table row must be 1 row if ($count == 1) { $_SESSION['login_user'] = $myusername; $_SESSION['username'] = $username;