| Server IP : 172.67.187.206 / Your IP : 172.71.28.155 Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586 User : SYSTEM ( 0) PHP Version : 5.6.30 Disable Function : NONE MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /Inetpub/www/news/edu2018/ |
Upload File : |
<?php
session_start();
require 'config.php';
if ( isset($_POST['username']) && isset($_POST['password']) ) {
$sql_check = "SELECT fullname,
level_user,
id_user
FROM users
WHERE
username=?
AND
password=?
LIMIT 1";
$sql = $mysqli->prepare($sql_check);
$sql->bind_param('ss', $username, $password);
$username = $_POST['username'];
$password = md5( $_POST['password'] );
$sql->execute();
$sql->store_result();
if ( $sql->num_rows == 1 ) {
$sql->bind_result($fullname, $level_user, $id_user);
while ( $sql->fetch() ) {
$_SESSION['user_login'] = $level_user;
$_SESSION['time'] = time();
$_SESSION['sess_id'] = $id_user;
$_SESSION['fullname'] = $fullname;
}
$sql->close();
header('location:'.$level_user);
exit();
} else {
header('location: login.php?error='.base64_encode('ไม่สามารถเข้าระบบได้'));
exit();
}
} else {
header('location:login.html');
exit();
}