HEX

File: /var/www/html/tmpr/../tmpr/../tmpr/../tmpr/../tmpr/../v/login.php
<?php require("../const.inc.php");include('../Connections/videoondemand.php');
$p = $_GET['p'];
$c = $_GET['c'];
$first = $_GET['first'];

 

$goback = $_GET["goback"];
   session_start(); 
	   // this sets variables in the session 
		$_SESSION['goback']= $goback; 
		
		


if ($_POST['doLogin']=='Sign in')
{


$user_email = mysqli_real_escape_string($link,$_POST['usr_email']);
 $md5pass = md5(mysql_real_escape_string($link,$_POST['pwd']));
/*$md5pass = md5("b59c67bf196a4758191e42f76670ceba") */;
 
if (strpos($user_email,'@') === false) {
    $user_cond = "tel='$user_email'";
} else {
      $user_cond = "user_email='$user_email'";
    }
$sql = "SELECT `catalogid`,`catalogname`,`approved`,`admin`,`slug` FROM users WHERE 
           $user_cond
			AND `pwd` = '$md5pass' AND `banned` = '0'
			"; 
			$result = mysqli_query($sql) or die (mysql_error()); 
$num = mysql_num_rows($result);
  // Match row found with more than 1 results  - the user is authenticated. 
    if ( $num > 0 ) { 
	
	list($catalogid,$catalogname,$approved,$admini,$sluga) = mysql_fetch_row($result);
	
	
	/*
	if ($admini == 4){
		
			session_start(); 
			$_SESSION['user_admin']= $catalogid;  
header("Location: admin/admin_main.php");
exit();
				}*/
	
	
/*	if(!$approved) {
	$msg = "Account not activated. Please open the email that we sent you and click on the activation link.";
	header("Location: logincorporate?msg=$msg");
	 exit();
	 } */
	
/*	$admin_user = 'santosokottah';
$admin_pass = 'santrack';
	if(($admin_user == $admin) && ($admin_pass == $pass) ) {
session_start(); 		   
				   
			
	   // this sets variables in the session 
$_SESSION['user_admin']= $admin;  
header("Location: admin/admin_main.php");
}	
*/

 session_start(); 
	   // this sets variables in the session 
		$_SESSION['euserid']= $catalogid; 
		$_SESSION['admini']= $admini; 
	
		$_SESSION['euserid'] = $catalogid;
	
		$_SESSION['isLogin'] = true;
		
		
		
		
		
		
		
		
		//set a cookie witout expiry until 60 days
		if(isset($_POST['remember'])){
				  setcookie("user_id", $_SESSION['euserid'], time()+60*60*24*60, "/");
				   setcookie("euserid", $_SESSION['euserid'], time()+60*60*24*60, "/");
				   setcookie("admini", $_SESSION['admini'], time()+60*60*24*60, "/");
				   setcookie("sluga", $_SESSION['sluga'], time()+60*60*24*60, "/");
				  setcookie("user_name", $_SESSION['user_name'], time()+60*60*24*60, "/");
				   }
				   
		    
 
  if ($admini == 7){
		
			
header("Location: home.php");
exit();
				}
				
				else
				
				{
					 header("Location: ../index.php");
				}
/* header("Location: ".$_SESSION['goback']); */
   

 
			 
     
		
		}
		else
		{
		
		
 
	/*if(!empty($goback)){ header("Location: ".$_SESSION['goback']);  }*/
	
 $msg = urlencode("Invalid Login. Please try again with correct user email and password. ");
		header("Location: login.php?msg=$msg&goback=".$_SESSION['goback']);
		/*$msg = urlencode("Invalid Login. Please try again with correct user email and password. ");
		 header("Location: ".$_SESSION['goback']); */
		}
}
					 
	  
 
?>
<html>
<head>
<title>Sign in  </title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript" type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
<script language="JavaScript" type="text/javascript" src="js/jquery.validate.js"></script>

<script src="../js/flexi-background.js" type="text/javascript" charset="utf-8"></script>  <script>
  $(document).ready(function(){
    $("#logForm").validate();
  });
  </script>
 
	<link rel="stylesheet" href="../css/flexi-background.css" type="text/css" media="screen" />
	<link rel="stylesheet" href="../css/styles.css" type="text/css" media="screen" />
    <link href="<?php echo $siteaddress; ?>system/css/eziki.css" rel="stylesheet" type="text/css" />
</head>
<style type="text/css">
<!--
.style1 {font-size: 14px}
.style2 {font-size: 13px}
.style3 {font-weight: bold}
.centa {
	text-align: center;
}
-->
</style>

<body style="background-image:url(a.jpg); background-position:right">
<table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0">


  
  
   <tr>

    <td width="100%" height="100%"  valign="top">
    
  
  



 

 <div id="box"  style="margin-top:150px" > 
		<h1 style=" color:#FFF;	margin-top:10px;">Sign in</h1><?php include("header.php"); ?>
<form  action="login.php" method="post" name="logForm" id="logForm" >
			<input type="text" onClick="this.value='';" onFocus="this.select()" onBlur="this.value=!this.value?'Phone':this.value;" value="Phone" name="usr_email" class="required" />
	<input  name="pwd" type="password" class="required password"  onclick="this.value='';" onFocus="this.select()" onBlur="this.value=!this.value?'Password':this.value;" value="Password">
			<input type="checkbox" id="remember"  name="remember" value="1"/>
<div class="hover-opacity"><label for="remember">Remember </label></div>
			<input name="doLogin" type="submit"  value="Sign in" />
		</form>
        
        
</div>
	<center><table width="150" border="0" style="font-size:14px">
  <tr>
    <td style="padding-right:10px"><a href="register.php"  class="ezbutton">Register</a></td>
    <td><a href="forgot.php"  class="ezbutton">Password?</a></td>
  </tr>
</table>
</center>




  
   </td></tr></table>




</body>
</html>