if(isset($_POST['submit']))
{
// username and password sent from form
$user=$_POST['user'];
$pass=$_POST['pass'];
$sql="SELECT * FROM tbl_user WHERE user='$user' and pass='$pass' and type='user' ";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
if($count > 0)
{
$row=mysql_fetch_object($result);
$id = $row->empID;
$user = $row->user;
$pass = $row->pass;
$type = $row->type;
$status = $row->status;
$_SESSION['id']=$id;
$_SESSION['user']=$user;
$_SESSION['pass']=$pass;
$_SESSION['type']=$type;
if( $status=='inactive')
{
$result ="UPDATE tbl_user SET status = 'active' WHERE empID = '$id' ";
$rs2 = mysql_query($result) or die("Invalid Query <br>$result");
echo'<script type="text/javascript">document.location.href="login.php";</script>';
}
else
{
echo'<script type="text/javascript">';
echo'alert("Error: Account is currently Active, Log in Faild.")';
echo '</script>';
}
}
elseif(isset($_POST['reg']))
{
echo'<script type="text/javascript">document.location.href="reg.php";</script>';
}
else {
echo'<font style="font-family:Tahoma;font-size:11px;color:#990000"> Wrong Username or Password</font>';
}
}
?>
No comments:
Post a Comment