Current File : /Inetpub/www/news/csr/admin/core/login.php
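<?php
/**
 * Admin login handler.
 *
 * Reads login_username, login_password and log_status from the POST body,
 * looks the credentials up in the table that belongs to the selected account
 * level, and on success stores the account group and username in the session
 * before redirecting to ../account.php. Every failure path redirects to
 * ../index.php?msg=error with the same message, so the response does not
 * reveal whether the username, the password or the level was wrong.
 *
 * NOTE(review): stringEncryption() is called in 'encrypt' mode, which suggests
 * passwords are stored with reversible encryption rather than a one-way
 * password hash. PasswordHash.php is loaded here but never used. Presumably
 * the stored credentials should be migrated to a salted one-way hash that is
 * verified in PHP instead of compared inside the SQL statement. Confirm
 * against the registration code before changing the storage format.
 *
 * NOTE(review): nothing in this file limits repeated failed attempts.
 */
if (isset($_POST['login_username'])) {
    session_start();
    ob_start();
    require_once "../../include/config.php";   // presumably provides $mysqli and stringEncryption() - confirm
    require_once "../../include/PasswordHash.php";

    // Allow-list: log_status value => array(credential table, session group).
    // The table name is only ever taken from this map, never from the request.
    // Matching is by exact key, so values such as "01" are rejected.
    $loginTargets = array(
        '1' => array('log_obec', 'obec'),       // OBEC level
        '2' => array('log_area', 'area'),       // education-area level
        '3' => array('log_school', 'school'),   // school level
        '4' => array('log_donate', 'donate'),   // donor level
    );

    // Treat missing or non-string fields (e.g. login_username[]=x) as empty
    // instead of passing arrays on to the database layer.
    $loginUsername = is_string($_POST['login_username']) ? $_POST['login_username'] : '';
    $loginPassword = (isset($_POST['login_password']) && is_string($_POST['login_password']))
        ? $_POST['login_password']
        : '';
    $loginStatus = (isset($_POST['log_status']) && is_string($_POST['log_status']))
        ? $_POST['log_status']
        : '';

    $authenticatedUser = null;
    $group = null;

    if (isset($loginTargets[$loginStatus])) {
        list($table, $group) = $loginTargets[$loginStatus];

        // Compatibility: this handler has always encrypted the *escaped*
        // password, so the same transformation is kept to match stored values.
        $depassword = stringEncryption('encrypt', $mysqli->escape_string($loginPassword));

        // Bound parameters keep request data out of the SQL text entirely.
        $stmt = $mysqli->prepare(
            "SELECT `username` FROM `$table` WHERE `username` = ? AND `password` = ? LIMIT 1"
        );
        if ($stmt) {
            $stmt->bind_param('ss', $loginUsername, $depassword);
            if ($stmt->execute()) {
                $stmt->bind_result($foundUsername);
                if ($stmt->fetch()) {
                    $authenticatedUser = $foundUsername;
                }
            }
            $stmt->close();
        }
    }

    if ($authenticatedUser !== null) {
        // Issue a fresh session id at the privilege change so an id that was
        // set before login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        $_SESSION['ugroup'] = $group;
        $_SESSION['loguser'] = $authenticatedUser;
        header("Location: ../account.php");
        exit;
    }

    // Unknown level, database error or bad credentials: same generic failure.
    header("Location: ../index.php?msg=error");
    exit;
} else {
    // No login data submitted.
    header("Location: ../index.php?msg=error");
}

exit;

?>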
