public function LogIn($username, $password, $module) { $con = mysql_connect($this->myHost, $this->username, $this->password); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db($this->database, $con); $result = mysql_query("SELECT employeeID,username,password,module FROM registeredUser where username = '******' and module = '" . mysql_real_escape_string($module) . "' "); while ($row = mysql_fetch_array($result)) { $this->UserPassword = Encryption::decrypt(Encryption::ENCRYPT_DECRYPT($row['password'])); $this->UserName = $row['username']; $this->UserModule = $row['module']; $this->UserEmployeeID = $row['employeeID']; } }
<?php include "encrypt.php"; $username = $_POST['username']; $password = $_POST['password']; $module = $_POST['module']; $key = $_POST['key']; $name = $_POST['name']; $ro = new database(); if ($username == "" || $password == "") { echo "\n<script>\nalert('Pls compplete the registration');\nhistory.go(-1);\n</script>\n"; } else { if ($key == "9k7n3m2l921zdke=~!d9cja#=\$58&8!<>edDr8@!2Df~~##4@-[9k8j4m9x7ak0m29szla183jd1zxkaj1j4s5ac971k8jt3]") { $username1 = mysql_real_escape_string(strip_tags($username)); $password1 = mysql_real_escape_string(strip_tags($password)); $encrypt_password = Encryption::encrypt($password1); $encrypt_password1 = Encryption::ENCRYPT_DECRYPT($encrypt_password); $ro->addUser($username, $encrypt_password1, $module, "Pagadian", $name); } else { header("Location: addUser.php"); } }