| Server IP : 172.67.187.206 / Your IP : 172.71.28.155 Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586 User : SYSTEM ( 0) PHP Version : 5.6.30 Disable Function : NONE MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /Inetpub/www/pr/ |
Upload File : |
<?php
include 'functions.php';
if(isset($_SESSION['user_id'])) {
header("Location: dashboard.php");
exit();
}
$error = "";
if(isset($_POST['btn_login'])) {
$username = mysqli_real_escape_string($conn, $_POST['username']);
$password = $_POST['password'];
$sql = "SELECT * FROM users WHERE username = '$username'";
$result = mysqli_query($conn, $sql);
if(mysqli_num_rows($result) == 1) {
$row = mysqli_fetch_assoc($result);
$real_pass = decrypt_pass($row['password']);
if($password == $real_pass) {
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['username'] = $row['username'];
$_SESSION['role'] = $row['role'];
$_SESSION['group_name'] = $row['group_name'];
header("Location: dashboard.php");
exit();
} else {
$error = "รหัสผ่านไม่ถูกต้อง";
}
} else {
$error = "ไม่พบชื่อผู้ใช้งาน";
}
}
echo get_header("เข้าสู่ระบบ");
?>
<div class="row justify-content-center mt-5">
<div class="col-md-5">
<div class="card p-4">
<h3 class="text-center mb-4">เข้าสู่ระบบประชาสัมพันธ์</h3>
<?php if($error) echo "<div class='alert alert-danger'>$error</div>"; ?>
<form method="post">
<div class="mb-3">
<label>Username</label>
<input type="text" name="username" class="form-control" required>
</div>
<div class="mb-3">
<label>Password</label>
<input type="password" name="password" class="form-control" required>
</div>
<button type="submit" name="btn_login" class="btn btn-primary w-100">Login</button>
</form>
</div>
</div>
</div>
<?php echo get_footer(); ?>