B.O.B.S -Log in Page-

“;
}
// if password is empty, error message is put.
if ($_POST[‘loginpass’]==null || $_POST[‘loginpass’]==””){
$errMsg.=”Please put Login Password.
“;
}
else{
/* database open ****************/
$url = $DB_URL;
$user = $DB_USER;
$pass = $DB_PASSWORD;
$db = $DB_NAME;

// connect to DB
$mysqli = new mysqli($url, $user, $pass, $db);
if (!$mysqli){
exit(“failed to connect to Database” .mysql_error());
}
$mysqli -> set_charset(‘utf8’);

$inputid=$mysqli->real_escape_string($_POST[‘loginid’]);
$inputpwd=$mysqli->real_escape_string($_POST[“loginpass”]);
$sql=”SELECT * FROM user WHERE user_login_id=’$inputid'”;
$result = $mysqli->query($sql);
if (!$result)
exit(“

failed sending query

SQL:”.$sql);
while($row = $result->fetch_assoc()){
$dbuserid=$row[“user_ID”];
$dbusertype=$row[‘user_type’];
$dbpwd=$row[“user_login_pass”];
}
if ($dbusertype==1){
$sql=”SELECT restaurant_ID FROM restaurant WHERE user_ID=’$dbuserid'”;
$result = $mysqli->query($sql);
if (!$result)
exit(“

failed sending query

SQL:”.$sql);
while($row = $result->fetch_assoc()){
$dbrestid=$row[“restaurant_ID”];
}
}

/* database close ************************/
$mysqli->close();
/* password check ************************/

if (password_verify($inputpwd, $dbpwd)) {

$timeout = time()+$SESSIONTIME*60;
session_regenerate_id(TRUE);
$sessionid=session_id();

/* database close ************************/
$mysqli->close();
/* password check ************************/

$_SESSION[“USERTYPE”] = $dbusertype;
$_SESSION[‘EXPIRE’] = time() + ($SESSION_TIMEOUT*60);

if ($dbusertype==0){ // Admin
$_SESSION[“USERID”] = $dbuserid;
// $sql=”INSERT INTO sessions (session_ID, expire, user_ID, usertype_ID) VALUES (‘$sessionid’,’$timeout’, ‘$dbuserid’, ‘$dbusertype’)”;
// $result = $mysqli->query($sql);
// if(!$result){ exit(“failed: ” .mysql_error());}
// /* database close ************************/
// $mysqli->close();
// /* password check ************************/
header(“Location: http://www.blueringsystems.com/bobs/RestaurantBooking/admin/home.php”);
}
elseif ($dbusertype==1){ // Restaurant
$_SESSION[“USERID”] = $dbrestid;
// $sql=”INSERT INTO sessions(session_ID, expire, user_ID, usertype_ID) VALUES (‘$sessionid’,’$timeout’, ‘$dbrestid’, ‘$dbusertype’)”;
// $result = $mysqli->query($sql);
// if(!$result) exit(“failed: ” .mysql_error());
// /* database close ************************/
// $mysqli->close();
// /* password check ************************/
header(“Location: http://www.blueringsystems.com/bobs/RestaurantBooking/restaurant/home.php”);
}
exit;
}
else {
// fail.
$errMsg = “User ID or Login Password are wrong.”;
}
}
}
?>






Login