PK

<?php
/**
 * Process.php
 * 
 * The Process class is meant to simplify the task of processing
 * user submitted forms, redirecting the user to the correct
 * pages if errors are found, or if form is successful, either
 * way. Also handles the logout procedure.
 *
 * jpWare php login system v.1.0.0
 * Copyright (C) 2009, Vlad Hristov (www.wonderwebware.com)
 * Copyright (C) 2004,2009  entity known as jpmaster77 (www.evolt.org/node/60384) and Ivan Novak (www.ivannovak.com)
 * Last Updated: Nov 27, 2009
 */
include("include/session.php");


global $database, $form;  //The database and form object

$subuser=$_POST[user];
$subpass=$_POST[pass];
if($_GET[action]=="signoff"){
	session_destroy();
	header("location:index.php");
}

if($subuser && $subpass){
	/* Username error checking */
	$field = "user";  //Use field name for username
	$q = "SELECT * FROM ".TBL_USERS." WHERE username='$subuser' and password='".md5($subpass)."' ";
	$result=mysql_query($q) or die(mysql_error());
	if($row=mysql_fetch_array($result)){
		/* Username and password correct, register session variables */
		$userinfo  = $database->getUserInfo($subuser);
		$username  = $_SESSION['username'] = $userinfo['username'];
		$user_id    = $_SESSION['user_id']   = $userinfo['user_id'];
		$userlevel = $userinfo['userlevel'];

		$session->logged_in=true;
		header("location:create-certificate.php");
	}else{
		$session->logged_in=false;
		//header("location:create-certificate.php");
	}
}else{
	echo "Invalid username / password";
}

?>

PK 99