confirmation.php
<?php
// Open a session only when none is active yet; the handlers further down
// write to $_SESSION.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}
?>
<?php
// Redirect to signstep2.php when the `logintype` query parameter equals 'google'.
//
// header() only queues the Location header: nothing stops the script here, so
// the handlers below still run and a later header() call replaces this target.
// NOTE(review): this branch checks nothing except the parameter value and sets
// no session state - confirm that signstep2.php verifies the login itself.
if (isset($_GET['logintype'])) {
    $logintype = test_input($_GET['logintype']);
    if ($logintype === 'google') {
        header("Location:signstep2.php");
    }
}
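// Account-confirmation link handler: ?username=...&token=...
//
// Looks up the users row matching both values. When exactly one row matches and
// its logintime (column index 6) lies within 24 hours of the request time, the
// account is marked active, the visitor is signed in and redirected by account
// type (column index 1). A matching row outside that window prints the
// "link expired" page. No match produces no output.
//
// Security notes:
//  - Every value that reaches SQL is bound as a statement parameter. test_input()
//    is HTML encoding, not SQL escaping; it is kept only so the lookup still
//    matches values that were presumably stored through the same filter.
//  - The company lookup binds $row[2] as well: data read back from the database
//    is no safer inside a query string than request data.
//  - The session id is regenerated before the visitor is signed in, so an id
//    planted before the click cannot be reused afterwards.
//  - NOTE(review): the token is compared against users.password, so the stored
//    password value travels in the URL (browser history, server logs, Referer).
//    A separate random single-use token column would avoid that; it needs a
//    schema change and is not done here.
if (isset($_GET['username']) && isset($_GET['token'])
    && is_string($_GET['username']) && is_string($_GET['token'])) {
    $timediff = 86400; // link lifetime in seconds (24 hours)
    $username = test_input($_GET['username']);
    $password = test_input($_GET['token']);

    include("dbconnect.php"); // presumably defines $con - confirm
    mysqli_select_db($con, "minorproject");

    // Fetch the single matching row, or leave $row null.
    $row = null;
    $stmt = mysqli_prepare($con, "select * from users where users.username=? and users.password=?");
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, 'ss', $username, $password);
        mysqli_stmt_execute($stmt);
        $result = mysqli_stmt_get_result($stmt);
        if ($result !== false && mysqli_num_rows($result) == 1) {
            $row = mysqli_fetch_row($result);
        }
        mysqli_stmt_close($stmt);
    }

    $redirect = null;
    $expired = false;
    if ($row !== null) {
        $acctype = $row[1];
        $logintime = $row[6];
        $time = $_SERVER['REQUEST_TIME'];
        if (abs($time - $logintime) < $timediff) {
            // Setting logintime to 4294967295 pushes it far outside the
            // 24-hour window, so the same link fails the check next time.
            $update = mysqli_prepare($con, "update users set status='1' ,logintime=4294967295 where users.username=?");
            if ($update !== false) {
                mysqli_stmt_bind_param($update, 's', $username);
                mysqli_stmt_execute($update);
                mysqli_stmt_close($update);
            }

            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['username'] = $username;

            if ($acctype === 'User') {
                $redirect = "Location:signstep2.php";
            } elseif ($acctype === 'Company') {
                $username = $row[2];
                $comstmt = mysqli_prepare($con, "select companyname from company where company.username=?");
                if ($comstmt !== false) {
                    mysqli_stmt_bind_param($comstmt, 's', $username);
                    mysqli_stmt_execute($comstmt);
                    $comres = mysqli_stmt_get_result($comstmt);
                    if ($comres !== false && mysqli_num_rows($comres) == 1) {
                        $rowcom = mysqli_fetch_row($comres);
                        $_SESSION['companyname'] = $rowcom[0];
                    }
                    mysqli_stmt_close($comstmt);
                }
                $redirect = "Location:Company/company.php";
            }
        } else {
            $expired = true;
        }
    }

    // Close exactly once, on every path, before any response is produced.
    mysqli_close($con);

    if ($redirect !== null) {
        header($redirect);
        exit; // stop here so nothing below runs for a redirected request
    }
    if ($expired) {
        echo '<html>
<head>
</head>
<body style="background-color:#333333;" >
<div style="height:30px;background-color:#B2BABB;width:100%;margin-top:40px;"><br>
<p style="font-size:28px;color:#B2BABB">Error 433:: link has been expired ! </p><br>
<div style="height:30px;background-color:#333333;width:100%;"><br>
</body>
</html>';
    }
}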
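// Login form handler (POST with `loginbutton`).
//
// Looks up the users row matching the submitted username and password hash.
// With exactly one match, an active account (status, column index 5, equal
// to 1) is redirected by account type (column index 1); an inactive account is
// sent to navbar.php. No match produces no redirect.
//
// Security notes:
//  - The lookup is a prepared statement with bound parameters. test_input() is
//    HTML encoding, not SQL escaping; it is kept only so the lookup still matches
//    values that were presumably stored through the same filter.
//  - The session id is regenerated before the visitor is signed in.
//  - The connection is closed once; the earlier code closed it in each branch
//    and then again at the end.
//  - NOTE(review): passwords are compared as unsalted MD5 of the HTML-encoded
//    input. Moving to password_hash()/password_verify() needs a migration of
//    the stored values and is not done here.
//  - NOTE(review): the Admin branch stores nothing in the session - confirm how
//    admin.php decides that the visitor is an administrator.
if (isset($_POST['loginbutton'])) {
    // Missing or non-string fields are treated as empty input.
    $rawUser = isset($_POST['loginusername']) && is_string($_POST['loginusername']) ? $_POST['loginusername'] : '';
    $rawPass = isset($_POST['loginpassword']) && is_string($_POST['loginpassword']) ? $_POST['loginpassword'] : '';
    $username = test_input($rawUser);
    $password = md5(test_input($rawPass));

    include("dbconnect.php"); // presumably defines $con - confirm
    mysqli_select_db($con, "minorproject");

    // Fetch the single matching row, or leave $row null.
    $row = null;
    $stmt = mysqli_prepare($con, "select * from users where username=? and password=?");
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, 'ss', $username, $password);
        mysqli_stmt_execute($stmt);
        $result = mysqli_stmt_get_result($stmt);
        if ($result !== false && mysqli_num_rows($result) == 1) {
            $row = mysqli_fetch_row($result);
        }
        mysqli_stmt_close($stmt);
    }
    mysqli_close($con);

    $redirect = null;
    if ($row !== null) {
        $acctype = $row[1];
        $status = $row[5];
        // Loose comparison on purpose: the column may come back as '1' or 1.
        if ($status == 1) {
            if ($acctype === 'Admin') {
                $redirect = "Location:admin.php";
            } elseif ($acctype === 'User' || $acctype === 'Company') {
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }
                $_SESSION['username'] = $username;
                $redirect = $acctype === 'User'
                    ? "Location:dashboard.php"
                    : "Location:Company/company.php";
            }
        } else {
            $redirect = "Location:navbar.php";
        }
    }

    if ($redirect !== null) {
        header($redirect);
        exit; // stop here so nothing else is sent after the redirect
    }
}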
/**
 * Normalise a request value for display in HTML.
 *
 * Strips surrounding whitespace, removes backslash quoting, then converts HTML
 * special characters to entities. This is HTML output encoding: it is not SQL
 * escaping and does not make a value safe to place inside a query string.
 *
 * @param string $data Raw value.
 * @return string Trimmed, unslashed, HTML-encoded value.
 */
function test_input($data)
{
    return htmlspecialchars(stripslashes(trim($data)));
}
?>