function login($title) { if (check_login()) { header('location:./?sub'); } else { include 'config/db.php'; include 'config/settings.php'; include 'config/globals.php'; echo "<!DOCTYPE html>\n<html>\n"; display_headers($title); echo "\n<body>"; menu1("login.php", "Login", "user"); display_loginform(); $dbname = $branchyear . '_Users'; $table = $branchyear . '_Students'; //if(!mysql_select_db($dbname)) die(mysql_error()); if (isset($_POST["Login"])) { $user = mysql_real_escape_string($_POST["UserId"]); $pass = md5($_POST["Password"]); if (strlen(trim($user)) == 0) { echo "<script>show_error('Error : User Id should not be null');</script>"; exit; } if (strlen(trim($pass)) == 0) { echo "<script>show_error('Error : Password should not be null');</script>"; exit; } $q = mysql_query("SELECT Id,Password FROM `{$table}` where Id='" . $user . "';") or die(mysql_error()); $res = mysql_fetch_array($q); if (empty($res)) { echo "<script>show_error('Error : Invalid User Id ... Please try again ');</script>"; } else { if ($pass != $res["Password"]) { echo "<script>show_error('Error : Invalid Password ... Please try again ');</script>"; } else { $_SESSION['UserId'] = $user; header("location: ./?sub"); } } } echo "\n</body>\n</html>"; mysql_close($con); } }
function adminReg($title) { if (check_login()) { header("location:index.php"); } else { include 'config/db.php'; include 'config/settings.php'; include 'config/globals.php'; $dbname = $branchyear . '_Users'; $table = $branchyear . '_Students'; $table1 = $branchyear . '_Admins'; //if(!mysql_select_db($dbname)) die(mysql_error()); echo "<!DOCTYPE html>\n<html>\n"; display_headers($title); echo "\n<body>"; menu1("adminreg.php", "Registration", "user"); show_regform(); } }
function adminForgot($title) { if (check_login()) { header("location:./?sub"); } else { include 'config/db.php'; include 'config/settings.php'; include 'config/globals.php'; $dbname = $branchyear . '_Users'; $table = $branchyear . '_Students'; $table1 = $branchyear . '_Admins'; //if(!mysql_select_db($dbname)) die(mysql_error()); echo "<!DOCTYPE html>\n<html>\n"; display_headers($title); echo "\n<body>"; menu1("adminforgot.php", "Forgot Password", "unlock"); show_form(); } }
function login($title) { if (check_login()) { header('location:./?sub'); } else { include 'config/db.php'; include 'config/settings.php'; include 'config/globals.php'; echo "<!DOCTYPE html>\n<html>\n"; display_headers($title); echo "\n<body>"; menu1("forgot.php", "Forgot Password", "unlock"); display_form(); //echo "<script>show_success('Contact your CR for Security Code');</script>"; if (isset($_POST["forgot"])) { $user = addslashes($_POST["UserId"]); $code = addslashes($_POST["Code"]); $pass1 = addslashes($_POST["Pass1"]); $pass2 = addslashes($_POST["Pass2"]); if (strlen(trim($user)) == 0) { echo "<script>show_error('Error : User id should not be null');</script>"; exit; } if (strlen(trim($code)) == 0) { echo "<script>show_error('Error : Security code should not be null');</script>"; exit; } if (strlen(trim($pass2)) < 7) { echo "<script>show_error('Error : Password Length Must Be Lessthan or equals to 7');</script>"; exit; } if (strlen(trim($pass1)) < 7) { echo "<script>show_error('Error : Re-Password Length Must Be Lessthan or equals to 7');</script>"; exit; } $dbname = $branchyear . '_Users'; $table = $branchyear . '_Students'; //if(!mysql_select_db($dbname)) {die(mysql_error());} $pass = md5($pass1); $q = mysql_query("SELECT Id,Password FROM {$table} where Id='" . $user . "';") or die(mysql_query()); $res = mysql_fetch_array($q); if (empty($res)) { echo "<script>show_error('Error : Invalid User Id ... Please try again ');</script>"; exit; } else { if ($pass1 != $pass2) { echo "<script>show_error('Error : Passwords does not matched ... Please try again ');</script>"; exit; } else { $dbname = $branchyear . '_Logs'; $table = $branchyear . '_Passwords'; //if(!mysql_select_db($dbname)) {die(mysql_error()); } $q = "select `SNo`,`EndTime`, `Code`, `To`, `Status` from `{$table}` where `To` = '{$user}';"; $res = mysql_query($q) or die(mysql_error()); $n = mysql_num_rows($res); $end = ""; $dif = 0; $code1 = ""; $status = ""; $sn = 0; $StartTime = date('d-m-Y H:i:s'); while ($row = mysql_fetch_array($res)) { $end = $row['EndTime']; $dif = strtotime($end) - strtotime($StartTime); $code1 = $row['Code']; $status = $row['Status']; $sn = $row['SNo']; } if ($dif <= 7200 && $dif > 0 && $n) { if ($status == 'valid') { if ($code1 == $code) { $dbname = $branchyear . '_Users'; $table = $branchyear . '_Students'; //if(!mysql_select_db($dbname)) die(mysql_error()); $q = mysql_query("update {$table} set Password = '******' where Id='" . $user . "';") or die(mysql_query()); $dbname = $branchyear . '_Logs'; $table = $branchyear . '_Passwords'; //if(!mysql_select_db($dbname)) {die(mysql_error());} $q = mysql_query("update {$table} set Status = 'used' where `SNo` ='" . $sn . "';") or die(mysql_query()); echo "<script>show_success('{$user} password updated click on login button');</script>"; } else { echo "<script>show_error('<b>Error </b> : Security code does not matched ... Please try again ');</script>"; } } else { echo "<script>show_error('<b>Error </b> : Security code already used ... Contact your CR ');</script>"; } } else { echo "<script>show_error('<b>Error </b> : Security code expired ... Contact your CR');</script>"; } } } } echo "\n</body>\n</html>"; mysql_close($con); } }