public function indexPage($email, $password, $activationcode, $connect) { $db = new db_config(); if (strlen($activationcode) == 0) { $sql = $db->mquery("EXEC dbo.login\n @email = '" . $email . "',\n @Password = '******'", $connect); } else { // with activation $sql = $db->mquery("EXEC dbo.codeUpdate \n\t\t\t\t\t@userid = '" . $email . "', \n\t\t\t\t\t@code = '" . $activationcode . "', \n\t\t\t\t\t@newpwd = '" . $password . "'", $connect); } $num = $db->numhasrows($sql); $row = $db->fetchobject($sql); if ($num == 0) { $data = '<span class="error">Incorrect username or password</span>'; } else { $data = ''; $idxRec = $db->strip($row->ID); $firstnameRec = $db->strip($row->firstname); $lastnameRec = $db->strip($row->lastname); $typeRec = $db->strip($row->type); $emailRec = $db->strip($row->email); $accountNumRec = $db->strip($row->acct_no); $userID = $db->strip($row->ID); $terms_flag = $db->strip($row->terms_flag); if ($terms_flag != 1) { session_start(); session_regenerate_id(); $_SESSION['sess_user_id'] = $db->random_value(); $_SESSION['idx'] = $idxRec; $_SESSION['first_name'] = $firstnameRec; $_SESSION['last_name'] = $lastnameRec; $_SESSION['full_name'] = $firstnameRec . ' ' . $lastnameRec; $_SESSION['email'] = $emailRec; $_SESSION['account_num'] = $accountNumRec; $_SESSION['terms_flag'] = $terms_flag; session_write_close(); echo '<script>showModalTerms();</script>'; } else { session_start(); session_regenerate_id(); $_SESSION['sess_user_id'] = $db->random_value(); $_SESSION['idx'] = $idxRec; $_SESSION['first_name'] = $firstnameRec; $_SESSION['last_name'] = $lastnameRec; $_SESSION['full_name'] = $firstnameRec . ' ' . $lastnameRec; $_SESSION['email'] = $emailRec; $_SESSION['account_num'] = $accountNumRec; session_write_close(); header("Location: accounts"); } } return $data; }