login.php
<?php
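// Start the session only when none is active. The previous form called
// session_start() unconditionally and then called it again on failure, which
// cannot succeed the second time and raises a notice on an already-active session.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

// The database handle ($db_conx) and the helper functions are mandatory for the
// login check below, so a missing file must stop the request instead of letting
// the page continue with undefined functions. *_once also avoids a fatal
// "cannot redeclare" if another include already pulled these files in.
require_once "include/connect.php";
require_once "include/functions.php";

// Messages shown above the login form; filled by the POST handler below.
$error = [];
$flag = false;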
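/**
 * Look up the account row that matches a username/password pair.
 *
 * The user row is joined with its role (post_t) and its clinic (clinic_master).
 * Account state (status, display, islogin, plan end date) is deliberately NOT
 * filtered here; the caller inspects those columns to report a specific reason.
 *
 * Both values are bound as statement parameters, so they can never change the
 * structure of the query regardless of what the caller's sanitising did or
 * did not strip.
 *
 * NOTE(review): the stored password is compared by equality inside SQL, which
 * only works if encryptedPassword() is deterministic (no per-user random salt).
 * Moving to password_hash()/password_verify() needs a schema and data
 * migration and is therefore only flagged here.
 * NOTE(review): u.* and cl.* both expose a `cid` column; with an associative
 * fetch the clinic's value wins and is NULL when the LEFT JOIN finds no clinic.
 *
 * @param string $username Login name as submitted.
 * @param string $password Password as submitted (hashed here before comparison).
 * @return mysqli_result|false Result set with zero or more rows, or false if
 *                             the statement could not be prepared or executed.
 */
function get_login($username, $password)
{
    global $db_conx;

    // encryptedPassword() is defined outside this listing.
    $encrypted = encryptedPassword($password);

    $sql = "select u.*, p.rname, cl.*
        from users u
        LEFT JOIN post_t p
            ON u.post_id = p.rid
        LEFT JOIN clinic_master cl
            ON u.cid = cl.cid
        where u.username = ? and u.password = ?";

    $stmt = mysqli_prepare($db_conx, $sql);
    if ($stmt === false) {
        return false;
    }

    mysqli_stmt_bind_param($stmt, 'ss', $username, $encrypted);
    if (!mysqli_stmt_execute($stmt)) {
        mysqli_stmt_close($stmt);
        return false;
    }

    // get_result() hands back a buffered mysqli_result, so the statement can be
    // closed right away and callers keep using mysqli_num_rows()/mysqli_fetch_assoc().
    $loginchk = mysqli_stmt_get_result($stmt);
    mysqli_stmt_close($stmt);

    return $loginchk;
}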
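// Handle a submitted login form: verify the credentials, check the account
// state, and on success populate the session used by the rest of the application.
if (isset($_POST['username'])) {
    // string_sanitize() is defined outside this listing; what it strips or
    // escapes cannot be confirmed from here.
    $username = string_sanitize($_POST['username']);
    // A request that carries a username but no password must not raise an
    // undefined-index warning; an empty password simply fails the lookup.
    $password = string_sanitize($_POST['password'] ?? '');

    // NOTE(review): the form also posts `recaptcha_response`, but nothing in
    // this handler reads or verifies it, and no attempt throttling is visible
    // in this listing. Confirm both before relying on this page against
    // password guessing.
    $loginchk = get_login($username, $password);

    // get_login() returns false when the query fails; treat that like "no match"
    // instead of passing false into mysqli_num_rows().
    if ($loginchk instanceof mysqli_result && mysqli_num_rows($loginchk) == 1) {
        $row = mysqli_fetch_assoc($loginchk);

        // The credentials are correct at this point. The checks below explain
        // why a valid account may still be refused (disabled, deleted, already
        // logged in / blocked, plan expired).
        $status = $row['status'];
        $display = $row['display'];
        $islogin = $row['islogin'];
        $planenddate = $row['planenddate'];
        $todaysdate = date('Y-m-d');

        // Loose comparisons on purpose: depending on how the query was run,
        // mysqli returns these columns as strings or as integers.
        $loginStatus = ($status == 1);
        if (!$loginStatus) {
            $error[] = "This user is disabled.";
        }

        $displayStatus = ($display == 1);
        if (!$displayStatus) {
            $error[] = "This user is deleted.";
        }

        $isloginStatus = ($islogin == 0);
        if (!$isloginStatus) {
            $error[] = "This user is already login or blocked. To login, please unblock this user.";
        }

        // String comparison; assumes planenddate is stored as Y-m-d - TODO confirm.
        $enddateStatus = ($todaysdate <= $planenddate);
        if (!$enddateStatus) {
            $error[] = "This user or clinic plan is expired. Please renew it for login";
        }

        if ($loginStatus && $displayStatus && $isloginStatus && $enddateStatus) {
            // Issue a fresh session id at the privilege change so an id that
            // was known before authentication cannot be reused afterwards
            // (session fixation).
            session_regenerate_id(true);

            // Columns copied into the session under their own name.
            $copiedColumns = [
                'userid', 'cid', 'rname', 'fname', 'lname', 'username',
                'clinicname', 'staffqty', 'plan', 'doctorname', 'doctorlastname',
                'address', 'mobilenumber1', 'mobilenumber2', 'landline',
                'adminUser', 'degree', 'planid', 'planenddate',
                'pdf_doctorname', 'pdf_degree', 'pdf_doctortagline',
                'pdf_clinicname', 'pdf_clinictagline', 'pdf_address',
                'pdf_addresstagline', 'pdf_registernumber', 'pdf_phonenumbers',
                'pdf_emailid',
            ];
            foreach ($copiedColumns as $column) {
                $_SESSION[$column] = $row[$column];
            }

            // Columns stored under a different session key.
            $_SESSION['role'] = $row['post_id'];
            $_SESSION['clinic_emailid'] = $row['emailid'];

            // NOTE(review): the cleartext password and the stored hash are kept
            // in server-side session storage. Both are preserved here because
            // other pages may read them; neither is needed to keep a user
            // signed in, so remove them once no consumer remains.
            $_SESSION['password'] = $password;
            $_SESSION['encryptedPassword'] = $row['password'];

            // Fall back to the stock avatar when the user has no image.
            if ($row['userimage'] == '') {
                $_SESSION['userimage'] = 'User-Icon-300x300.jpg';
            } else {
                $_SESSION['userimage'] = $row['userimage'];
            }

            $pid = $_SESSION['userid'];
            $activeDepartments = get_users_active_departments($pid);
            $_SESSION['activeDepartments'] = $activeDepartments;

            // A non-empty token is what the redirect further down treats as
            // "logged in". generateRandomString() is defined outside this
            // listing; confirm it draws from a CSPRNG (random_bytes/random_int)
            // if the token is used as a secret anywhere.
            $_SESSION['token'] = generateRandomString();

            // Helpers defined outside this listing; called after the session is
            // fully populated, as in the original order.
            loggeduser();
            setIsLogin();
        }
    } else {
        $error[] = "Invalid Username Or Password!";
    }
}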
// A session that already holds a non-empty token skips the form and goes to
// index.php; exit stops the login markup below from being rendered.
if (isset($_SESSION['token']) && $_SESSION['token']) {
    header('Location: index.php');
    exit;
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>OPDMS Login Page</title>
<link href="css/bootstrap.min.css" rel="stylesheet">
<link href="font-awesome/css/font-awesome.css" rel="stylesheet">
<link href="css/animate.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
<!-- reCAPTCHA loader; the render= value is the public site key.
     NOTE(review): nothing in this listing requests a token from the loaded API,
     and the PHP handler at the top of the file never verifies one, so as shown
     the script provides no protection. Confirm whether footer.php or another
     include completes the integration. -->
<script async src="https://www.google.com/recaptcha/api.js?render=6LfrBrMfAAAAAJtiXF1gugzCcuwHazIBmvqwa2qH"></script>
<style type="text/css" media="screen">
/* Hides the floating reCAPTCHA badge on this page. */
.grecaptcha-badge { visibility: hidden;}
</style>
</head>
<body class="gray-bg">
<div class="middle-box text-center loginscreen animated fadeInDown">
<div>
<div>
<h1 class="logo-name">CL+</h1>
</div>
<h3>Welcome to OPDMS</h3>
<p>Use Your given User ID and Pasword to logged in.
<!--Continually expanded and constantly improved Inspinia Admin Them (IN+)-->
</p>
<p>Login in. Feel new experience.</p>
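<center style="color:red; margin-top:10px;"><?php
// Encode every message for the HTML context before printing it. The messages
// set in this file are fixed strings, so their output is unchanged, but any
// message that later includes request data cannot inject markup.
foreach ($error as $msg) {
    echo htmlspecialchars((string) $msg, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
?></center>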
<!-- Login form. There is no action attribute, so it posts back to this page,
     where the PHP block at the top of the file handles $_POST['username'] and
     $_POST['password'].
     NOTE(review): no anti-CSRF field is present in this form. -->
<form class="m-t" role="form" method="post" name="login" id="login">
<div class="form-group">
<input type="text" class="form-control" placeholder="Username" required="required" name="username" id="username">
</div>
<div class="form-group">
<input type="password" class="form-control" placeholder="Password" required="required" name="password" id="password">
</div>
<!-- Placeholder for a reCAPTCHA token. NOTE(review): no script in this listing
     fills this field and the server-side handler does not read it. -->
<input type="hidden" name="recaptcha_response" id="recaptchaResponse">
<button type="submit" class="btn btn-primary block full-width m-b" >Login</button>
<div class="pull-left">
<a href="register.php"><small>Registration</small></a>
</div>
<div class="pull-right">
<a href="forget_password.php"><small>Forgot password?</small></a>
</div>
<div >
<a href="unblockUser.php"><small>Unblock User</small></a>
</div>
</form>
</div>
</div>
<?php include "footer.php"; ?>
<!-- Mainly scripts -->
<!-- NOTE(review): jQuery 2.1.1 belongs to a release line that no longer receives
     security fixes; plan an upgrade to a maintained release and retest the
     Bootstrap build loaded next, which depends on it. -->
<script src="js/jquery-2.1.1.js"></script>
<script src="js/bootstrap.min.js"></script>
<script type="text/javascript">
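/**
 * Post the username and password fields to ajax.php and show the outcome in
 * #msgdisplay.
 *
 * NOTE(review): nothing in this listing calls login(); the form submits
 * normally to the PHP handler. The elements #mydiv, #usernmmsg and #msgdisplay
 * are not part of the markup shown, and the success/error texts read like
 * registration messages. Confirm whether this function is still needed before
 * keeping a second credential path alive.
 */
function login() {
    const username = $('#username').val();
    const password = $('#password').val();

    // Nothing to send until both fields hold at least one character.
    if (username.length === 0 || password.length === 0) {
        return;
    }

    $.ajax({
        type: "POST",
        url: "ajax.php",
        // Object form: jQuery URL-encodes each value. The previous hand-built
        // string sent the raw text, so a password containing &, =, + or %
        // reached the server altered or split into extra parameters.
        data: { loginUsername: username, password: password },
        beforeSend: function () {
            $('#mydiv').show();
            $("#usernmmsg").html('');
            $("#msgdisplay").html('');
        },
        success: function (data) {
            $('#mydiv').hide();
            // Loose comparison kept: the response arrives as text.
            if (data == 1) {
                $("#msgdisplay").html("<div class='col-md-12'><div class='alert alert-success fade in'><a class='close' title='close' aria-label='close' data-dismiss='alert' href='#'>×</a><strong>Done! </strong> You are registered with us. Check Email for more details.</div> </div>");
            } else {
                $("#msgdisplay").html("<div class='col-md-12'><div class='alert alert-danger fade in'><a class='close' title='close' aria-label='close' data-dismiss='alert' href='#'>×</a><strong>Error! </strong> Data Not Saved. </div> </div>");
            }
        }
    });
}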
</script>
</body>
</html>