$myusername=$_POST["myusername"]; $mypassword=$_POST["mypassword"]; // To protect MySQL injection (more detail about MySQL injection ) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $statues = "active"; // from system table if ($sql="SELECT * FROM $tb2_name WHERE User_id='$myusername' and password='$mypassword' and statues='$statues'"); { $wql="SELECT Company FROM $tb2_name WHERE User_id='$myusername' and password='$mypassword'"; $result2 = mysqli_query($link, $wql); $details = mysqli_fetch_array($result2, MYSQLI_BOTH); $Name = $details["Company"]; $result=mysqli_query($link, $sql); // Mysql_num_row is counting table row $count=mysqli_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" setcookie("user", $myusername, time()+3600); setcookie("company", $Name, time()+3600); header("location:login_success.php"); } } // // from Manager table if ($sql="SELECT * FROM $tb3_name WHERE Employee_Number='$myusername' and password='$mypassword' and statues='$statues'"); { $wql="SELECT Company_Name FROM $tb3_name WHERE Employee_Number='$myusername' and password='$mypassword'"; $result2 = mysqli_query($link, $wql); $details = mysqli_fetch_array($result2, MYSQLI_BOTH); $Name = $details["Company_Name"]; $result=mysqli_query($link, $sql); // Mysql_num_row is counting table row $count=mysqli_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" setcookie("user", $myusername, time()+3600); setcookie("company", $Name, time()+3600); header("location:Manlogin.php"); } } // employee login if ($sql="SELECT * FROM $tbll_name WHERE Employee_Number='$myusername' and password='$mypassword' and statues='$statues'"); { $wql="SELECT Company_Name FROM $tbll_name WHERE Employee_Number='$myusername' and password='$mypassword'"; $result2 = mysqli_query($link, $wql); $details = mysqli_fetch_array($result2, MYSQLI_BOTH); $Name = $details["Company_Name"]; $result=mysqli_query($link, $sql); // Mysql_num_row is counting table row $count=mysqli_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" setcookie("user", $myusername, time()+3600); setcookie("company", $Name, time()+3600); header("location:employee_login.php"); } else { $answer = " Incorrect user name or password"; echo '<h1>' . $answer . '</h1>'; } }
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)
Submit an article or tip