<?php
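session_start();
// include '../dbconnection.php';
include '../config.php';
include '../encryption.php';
include '../../inc/encrypter.php';

/*
 * Login handler for MBA students.
 *
 * Flow: verify the captcha, require a user name, confirm the registration
 * number belongs to a student in the 'MBA' class, then match the login id and
 * stored password against an active row in `user`. Every failure redirects to
 * the fixed login page with a message in $_SESSION['ERROR_MSG'].
 *
 * Security-relevant choices in this block:
 *  - All request values reach SQL only as bound parameters.
 *  - The captcha is checked before any database work and is single-use.
 *  - Redirect targets are fixed; the client-supplied Referer header is not
 *    used as a Location value.
 *  - The session id is regenerated once authentication succeeds.
 */

// Stores the message for the login page, redirects there and stops the script.
// When $resetSession is true, all existing session data is dropped first so
// that no earlier state survives a failed attempt.
$failLogin = function ($message, $resetSession) {
    if ($resetSession) {
        $_SESSION = array();
    }
    $_SESSION['ERROR_MSG'] = $message;
    header('location:../../');
    exit();
};

// Request fields may be missing or sent as arrays; normalise them to strings.
$user_name = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
$passwordd = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
$newCaptcha = (isset($_POST['captcha']) && is_string($_POST['captcha'])) ? $_POST['captcha'] : '';
//$language=$_POST['language'];

// Connection settings come from ../config.php.
$dbhost = $host;
$dbusername = $user;
$dbpassword = $pass;
$dbdatabase = $db;
$school_name = $app_name;

// NOTE(review): this decrypts a hard-coded value and the result is not used
// anywhere in this file. Confirm amebi_crypt() has no side effects and remove
// it; secrets should not be embedded in source. The mode argument was a bare
// constant (d), which is an Error on PHP 8, so it is quoted here.
$abcd='eXFHZlJCTmpHSnBINFlxUjR3UFJyQT09';
$pas = amebi_crypt($abcd,'d');

date_default_timezone_set('Asia/Kolkata');

// Captcha: consume the stored value so it cannot be replayed, reject a missing
// or empty expected value, and compare as strings in constant time. A loose
// != comparison would also accept numerically-equal strings.
$expectedCaptcha = isset($_SESSION['digit']) ? amebiCrypt($_SESSION['digit'],'d') : '';
unset($_SESSION['digit']);
$expectedCaptcha = is_scalar($expectedCaptcha) ? (string) $expectedCaptcha : '';
if ($expectedCaptcha === '' || !hash_equals($expectedCaptcha, $newCaptcha)) {
    $failLogin("Wrong Captcha", false);
}

if ($user_name === '') {
    $failLogin("Please Enter User Name", true);
}

// NOTE(review): amebi_crypt(..., 'e') looks like reversible encryption, and the
// result is compared directly with the stored column. Passwords should be
// stored with password_hash() and checked with password_verify(); that needs a
// data migration and is outside this block.
$password = amebi_crypt($passwordd,'e');
//echo $password;

$dbHandles = connectDB($dbhost,$dbusername,$dbpassword,$dbdatabase);

$check_class = 0;
$userRow = null;
try {
    // Is this registration number a student in the MBA class?
    $classStmt = mysqli_prepare(
        $dbHandles,
        "SELECT student.registration_no FROM student
INNER JOIN class ON student.class_id = class.class_id
WHERE student.registration_no = ? AND class.class_name = 'MBA'"
    );
    if ($classStmt) {
        mysqli_stmt_bind_param($classStmt, 's', $user_name);
        if (mysqli_stmt_execute($classStmt)) {
            mysqli_stmt_store_result($classStmt);
            $check_class = (int) mysqli_stmt_num_rows($classStmt);
        }
        mysqli_stmt_close($classStmt);
    }

    if ($check_class === 1) {
        // BINARY keeps the login id and password comparison case-sensitive.
        $userStmt = mysqli_prepare(
            $dbHandles,
            "SELECT user_id, user_name, type FROM user WHERE BINARY user_login_id = BINARY ? AND BINARY password = BINARY ? AND is_active = 'yes'"
        );
        if ($userStmt) {
            mysqli_stmt_bind_param($userStmt, 'ss', $user_name, $password);
            if (mysqli_stmt_execute($userStmt)) {
                mysqli_stmt_store_result($userStmt);
                mysqli_stmt_bind_result($userStmt, $rowUserId, $rowUserName, $rowUserType);
                // Exactly one matching account is required.
                if ((int) mysqli_stmt_num_rows($userStmt) === 1 && mysqli_stmt_fetch($userStmt)) {
                    $userRow = array(
                        'user_id' => $rowUserId,
                        'user_name' => $rowUserName,
                        'type' => $rowUserType,
                    );
                }
            }
            mysqli_stmt_close($userStmt);
        }
    }
} catch (mysqli_sql_exception $e) {
    // Keep database details out of the response; the attempt is treated as a
    // failed login below.
    error_log('Login query failed: ' . $e->getMessage());
    $userRow = null;
}

if ($check_class !== 1) {
    // NOTE(review): this message differs from the wrong-password message, so
    // the response reveals whether a registration number exists in the MBA
    // class. Consider a single generic message for both cases.
    $failLogin("Please Enter correct User Name", true);
}

if ($userRow === null) {
    //Login ID and password doesnot matched
    $failLogin("Invalid User Name or Password", true);
}

// Issue a fresh session id for the authenticated session so an id that was
// known before login cannot be reused.
session_regenerate_id(true);
$_SESSION['USER_ID'] = $userRow['user_id'];
$_SESSION['userId'] = $userRow['user_id'];
$_SESSION['USER_NAME'] = $userRow['user_name'];
$_SESSION['USER_TYPE'] = $userRow['type'];
//$_SESSION['USER_LANG'] = $language;

// No output before header(): echoing first can prevent the redirect from being
// sent. exit() stops any further processing after the redirect.
header('location:../../home/modules/university');
exit();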
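/**
 * Opens a mysqli connection and sets its character set to "utf8".
 *
 * Terminates the script with a generic message when the connection cannot be
 * established, so that host names, user names and driver errors are not shown
 * to the client.
 *
 * @param string $dbhost     Database host.
 * @param string $dbusername Database user.
 * @param string $dbpassword Database password.
 * @param string $dbdatabase Database (schema) name.
 * @return mysqli The open connection.
 */
function connectDB($dbhost,$dbusername,$dbpassword,$dbdatabase) {
    try {
        $conn = mysqli_connect($dbhost, $dbusername, $dbpassword, $dbdatabase);
    } catch (mysqli_sql_exception $e) {
        // mysqli throws instead of returning false when exception reporting is
        // enabled (the default from PHP 8.1); treat both cases the same way.
        $conn = false;
    }
    if (!$conn) {
        die('Could not connect to Server !');
    }
    // Set the charset only on a live handle; calling this on a failed
    // connection raises an error instead of reaching the message above.
    // NOTE(review): MySQL's "utf8" is the 3-byte utf8mb3 set; confirm whether
    // utf8mb4 is intended.
    mysqli_set_charset($conn,"utf8");
    //echo 'Connection established!';
    return $conn;
}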
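/**
 * Runs a query and returns how many rows it produced.
 *
 * The query text is sent to the server as-is. It must be a constant string or
 * built only from trusted values; request data belongs in a prepared statement
 * with bound parameters, not in $query.
 *
 * @param mysqli $myconn Open connection.
 * @param string $query  SQL text.
 * @return int Row count, or 0 when the query fails or yields no result set.
 */
function numRows($myconn,$query) {
    //echo $query;
    $result = mysqli_query($myconn,$query);
    // mysqli_query() returns false on failure and true for statements without
    // a result set; neither can be passed to mysqli_num_rows().
    if (!($result instanceof mysqli_result)) {
        return 0;
    }
    $rowcount = mysqli_num_rows($result);
    mysqli_free_result($result);
    return $rowcount;
}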
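/**
 * Runs a query and returns all rows as associative arrays.
 *
 * The query text is sent to the server as-is. It must be a constant string or
 * built only from trusted values; request data belongs in a prepared statement
 * with bound parameters, not in $query.
 *
 * @param mysqli $myconn Open connection.
 * @param string $query  SQL text.
 * @return array|null List of rows, or null when the query fails or returns no
 *                    rows (callers must check before iterating).
 */
function runQuery($myconn,$query) {
    $result = mysqli_query($myconn,$query);
    // false on failure, true for statements without a result set.
    if (!($result instanceof mysqli_result)) {
        return null;
    }
    $resultset = array();
    while($row = mysqli_fetch_assoc($result)) {
        $resultset[] = $row;
    }
    mysqli_free_result($result);
    // Keep the existing contract: an empty result is reported as null.
    if(!empty($resultset)) {
        return $resultset;
    }
    return null;
}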
?>