public function login_student($student_id, $student_password)
{
if (empty($student_id) || empty($student_password)) {
echo "Username or Password is invalid";
return false;
}
$student_id = stripslashes($student_id);
$student_password = stripslashes($student_password);
$student_id = mysql_real_escape_string($student_id);
$student_password = mysql_real_escape_string($student_password);
$student_password = sha1($student_password);
$students_rec = mysql_query("SELECT * FROM " . $this->students_table . " where student_id = {$student_id};");
if (($obj = mysql_fetch_object($students_rec)) != NULL) {
$student = new student($obj->student_id, $obj->user_name, $obj->user_password, $obj->change_password);
if ($student->getUser_password() == $student_password) {
echo "welcome " . $student->getUser_name();
return true;
} else {
echo "Wrong password";
return false;
}
} else {
echo "No such user!";
return false;
}
}
