/
admin_login.php
89 lines (78 loc) · 2.63 KB
/
admin_login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
<?php
include("common.php");
// If we're coming from the login form
if(isset($_POST['Login']) && $_POST['email'] != "" && $_POST['pass'] != "")
{
// Clean the user name
$clean_email = mysql_real_escape_string($_POST['email']);
// Clean the password
$clean_pass = mysql_real_escape_string($_POST['pass']);
$result = mysql_query("SELECT * FROM users WHERE user_email='$clean_email'")
or die("ERROR: ". mysql_error());
$num = mysql_num_rows($result);
if($num == 1)
{
$row = mysql_fetch_array($result);
extract($row);
if($user_active == 'y')
{
if(crypt($_POST['pass'], $user_pass) == $user_pass)
{
$_SESSION['user_id'] = $user_id;
$_SESSION['inst_id'] = $user_institution;
// We're logged in. Show a message and go to the admin page.
$msg->add("s", "You are now logged in.");
header("Location: admin_index.php");
}
else
{
// We failed the password check.
// Set the error and redirect back to the login page.
$msg->add("e", "Password mismatch. Please try again.");
}
}
else
{
// User not active
$msg->add("e", "User account is inactive. Please <a href='mailto:danskinem@lanecc.edu'>contact the webmaster</a>
if you need some help.");
}
}
else
{
// Not logged in. User/Pass didn't match
$msg->add("e", "User Name/Password didn't match. Please try again.");
}
}
include("header.inc.php");
?>
<h1>Log In to Spidergraph Admin</h1>
<p> </p>
<div id="TwoCol_left_50">
<form id="form1" name="form1" method="post" action="">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="28%" align="right">
<label for="email"><strong>User Name:</strong></label>
</td>
<td width="72%" align="left"><input type="text" name="email" id="email" />
(email address)</td>
</tr>
<tr>
<td align="right">
<label for="password"><strong>Password:</strong></label>
</td>
<td align="left"><input type="password" name="pass" id="pass" /></td>
</tr>
<tr>
<td align="right"> </td>
<td align="left"><input type="submit" name="Login" id="button" value="Submit" /></td>
</tr>
</table>
</form>
</div>
<div id="TwoCol_right_50">
<div align="center"><img src="images/Spidergraph-Locked.jpg" width="250" height="240" /></div>
</div>
<p> </p>
<?php include("footer.inc.php"); ?>