
<?php
    session_start(); 
   // include '../dbconnection.php';
    include '../config.php';
    include '../encryption.php';
    include '../../inc/encrypter.php';

//$abc="SET GLOBAL sql_mode=(SELECT REPLACE(@@sql_mode,'ONLY_FULL_GROUP_BY',''))";

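// Login handler: checks the captcha, verifies the submitted credentials against
// the `user` table and, on success, fills the session and redirects to the
// application home. Every failure path redirects back to the login form with a
// message in $_SESSION['ERROR_MSG'].

// Read the form fields defensively: a missing field or an array-valued field
// (e.g. username[]=x) is treated as empty instead of reaching the query.
$user_name  = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
$passwordd  = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
$newCaptcha = (isset($_POST['captcha'])  && is_string($_POST['captcha']))  ? $_POST['captcha']  : '';

// Connection settings come from ../config.php.
$dbhost = $host;
$dbusername = $user;
$dbpassword = $pass;
$dbdatabase = $db;

date_default_timezone_set('Asia/Kolkata');

// Clears the session, keeps only the message for the login form, and redirects
// to a fixed location. The Referer header is client-controlled, so it is not
// used as a redirect target. The message is written AFTER the session is
// cleared; writing it before session_destroy() would discard it.
// NOTE(review): '../../' is assumed to be the login form because the captcha
// failure path already redirects there -- confirm.
$rejectLogin = function ($message) {
    session_unset();
    $_SESSION['ERROR_MSG'] = $message;
    header('location:../../');
    exit();
};

// The captcha value is single-use: it is removed from the session whether the
// answer is right or wrong, so one solved captcha cannot back many attempts.
$captchaToken = isset($_SESSION['digit']) ? $_SESSION['digit'] : null;
unset($_SESSION['digit']);
$expectedCaptcha = ($captchaToken === null) ? '' : (string) amebiCrypt($captchaToken, 'd');

// A missing or undecodable captcha must fail closed. With the previous loose
// `!=` comparison an empty submission could compare equal to an empty or
// false expected value.
if ($expectedCaptcha === '' || $newCaptcha === '' || !hash_equals($expectedCaptcha, $newCaptcha)) {
    $_SESSION['ERROR_MSG'] = "Wrong Captcha";
    header('location:../../');
    exit();
}

// NOTE(review): amebi_crypt(..., 'e') looks like reversible encryption rather
// than a password hash -- confirm. If so, stored passwords are recoverable by
// anyone holding the key; plan a migration to password_hash()/password_verify().
// The call is kept because the stored values depend on it.
$password = amebi_crypt($passwordd, 'e');

if (empty($user_name)) {
    $rejectLogin("Please Enter User Name");
}

$dbHandles = connectDB($dbhost, $dbusername, $dbpassword, $dbdatabase);

// Parameterized query: the login id and password are bound, never concatenated
// into the SQL text. Only the columns the session needs are selected.
$stmt = mysqli_prepare(
    $dbHandles,
    "SELECT user_id, user_name, type FROM user WHERE BINARY user_login_id = BINARY ? AND BINARY password = BINARY ? AND is_active = 'yes'"
);
if (!$stmt) {
    // Log the detail server-side; the client only sees the generic message.
    error_log('login-validate: prepare failed: ' . mysqli_error($dbHandles));
    $rejectLogin("Invalid User Name or Password");
}

mysqli_stmt_bind_param($stmt, 'ss', $user_name, $password);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);

// As before, exactly one matching active account is required.
if ((int) mysqli_stmt_num_rows($stmt) === 1) {
    mysqli_stmt_bind_result($stmt, $userId, $userName, $userType);
    mysqli_stmt_fetch($stmt);
    mysqli_stmt_close($stmt);

    // New session id at the privilege change, so a pre-login session id
    // cannot be reused after authentication.
    session_regenerate_id(true);

    $_SESSION['USER_ID'] = $userId;
    $_SESSION['userId'] = $userId;
    $_SESSION['USER_NAME'] = $userName;
    $_SESSION['USER_TYPE'] = $userType;
    // The language field is not read from the form in this script, so the
    // value is stored as null explicitly instead of via an undefined variable.
    $_SESSION['USER_LANG'] = null;

    // No output before header(): echoing first can stop the redirect from
    // being sent. exit() stops the script once the redirect is queued.
    header('location:../../home/modules/university');
    exit();
}

mysqli_stmt_close($stmt);
// One message for "unknown user" and "wrong password", so the response does
// not reveal which login ids exist.
$rejectLogin("Invalid User Name or Password");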

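    /**
     * Open a MySQL connection and set its character set to utf8.
     *
     * Terminates the script with a generic message when the connection cannot
     * be established; the underlying error is written to the server log only.
     *
     * @param string $dbhost     Database host.
     * @param string $dbusername Database user.
     * @param string $dbpassword Database password.
     * @param string $dbdatabase Schema to select.
     * @return mysqli Open connection handle.
     */
    function connectDB($dbhost,$dbusername,$dbpassword,$dbdatabase) {
        try {
            $conn = mysqli_connect($dbhost, $dbusername, $dbpassword, $dbdatabase);
        } catch (mysqli_sql_exception $e) {
            // With exception reporting enabled a failed connect throws; treat
            // it like a false return so the client never sees driver details.
            $conn = false;
        }

        // Check the handle BEFORE using it: the original called
        // mysqli_set_charset() on a possibly-false connection.
        if (!$conn) {
            error_log('connectDB: ' . mysqli_connect_error());
            die('Could not connect to Server !');
        }

        // NOTE(review): MySQL's "utf8" is the 3-byte utf8mb3 encoding; kept
        // as-is because changing it depends on the schema's column charsets.
        mysqli_set_charset($conn, "utf8");

        return $conn;
    }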

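    /**
     * Run a query and return the number of rows in its result set.
     *
     * The SQL text is executed verbatim. Callers must never build $query by
     * concatenating request data; use a prepared statement for anything that
     * carries user input.
     *
     * @param mysqli $myconn Open connection.
     * @param string $query  Complete SQL statement (trusted text only).
     * @return int Row count, or 0 when the query fails or yields no result set.
     */
    function numRows($myconn,$query) {
        $result = mysqli_query($myconn, $query);

        // mysqli_query() gives false on failure and true for statements with
        // no result set; neither may be passed to mysqli_num_rows().
        if (!($result instanceof mysqli_result)) {
            if ($result === false) {
                error_log('numRows: query failed: ' . mysqli_error($myconn));
            }
            return 0;
        }

        $rowcount = mysqli_num_rows($result);
        mysqli_free_result($result);

        return $rowcount;
    }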

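    /**
     * Run a query and return all of its rows as associative arrays.
     *
     * The SQL text is executed verbatim. Callers must never build $query by
     * concatenating request data; use a prepared statement for anything that
     * carries user input.
     *
     * @param mysqli $myconn Open connection.
     * @param string $query  Complete SQL statement (trusted text only).
     * @return array|null List of rows, or null when there are no rows or the
     *                    query fails (null is kept for existing callers).
     */
    function runQuery($myconn,$query) {
        $result = mysqli_query($myconn, $query);

        // A failed query (false) or a statement without a result set (true)
        // has nothing to fetch.
        if (!($result instanceof mysqli_result)) {
            if ($result === false) {
                error_log('runQuery: query failed: ' . mysqli_error($myconn));
            }
            return null;
        }

        // Initialised up front so the variable exists when no rows match.
        $resultset = array();
        while ($row = mysqli_fetch_assoc($result)) {
            $resultset[] = $row;
        }
        mysqli_free_result($result);

        if (!empty($resultset)) {
            return $resultset;
        }
        return null;
    }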

?>