PK
<?php
session_start();
require_once 'common/common.php';
//print_r($_POST);
$username=$_POST['username'];
$password=$_POST['password'];
$city=$_POST['city'];
$errorMessage = '';
if (isset($_POST['username']) && isset($_POST['password']))
{
if($_POST['city']=="amritser")
{
mysql_connect("localhost","pcfcindi_lg2012","XEgzF{X^e]~i") or die('Could not connect to Server');
mysql_select_db("pcfcindi_newamritsar") or die('database not found');
//header('location: members_area.php');
}
elseif($_POST['city']=="ludhiana")
{
mysql_connect("localhost","pcfcindi_lg2012","XEgzF{X^e]~i") or die('Could not connect to Server');
mysql_select_db("pcfcindi_newamritsar") or die('database not found');
//header('location: ludhiana/members_area.php');
}
$tname=$_POST['username'];
$Password1=md5($_POST['password']);
// check if the user id and password combination exist in database
$sql = "SELECT
id,
user
FROM
amembs
WHERE
user='$tname'
AND
pass=('$Password1')";
$result = mysql_query($sql) or die('Query failed. ' . mysql_error());
if (mysql_num_rows($result) == 1)
{
// the user id and password match,
// set the session
$idc=mysql_fetch_array($result);
$_SESSION['city'] = $_POST['city'];
$_SESSION['user_id'] = $idc['id'];
$_SESSION['str_sessid']="ZG93bmxvYWRmaWxlc2hhc2gvMQ";
//last login update in amembs table.
$din=date('D, d M Y + H:i:s a');
$sql = "UPDATE
amembs
SET
lastlogin='$din'
WHERE
user = '$tname'
AND
pass =('$Password1')";
$result = mysql_query($sql) or die('Query failed. ' . mysql_error());
// after login we move to the main page
$getroot=get_root();
if($city=='ludhiana')
{
header('location: '.$getroot.'/ludhiana/members_area.php');
}
else
{
header('location: '.$getroot.'/members_area.php');
}
// header('Location: members_area.php');
// exit;
}
else
{
header('location: login_new.php?error=message');
///$errorMessage = '<span style="color:red;">Sorry, wrong username or password</span>';
}
}
?>
PK 99