/var/www/onesolution.com.hk/support/logon.php

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77

<?php require("configure.php"); ?>
<?
require 'checkuser.php';
if($logged_in == 1) {
    header("Location: index.php");
}
?>
<?php
$userid        $_POST["userid"];
//$password    = md5($_POST["password"]);
$password    $_POST["password"];

$sql "SELECT * FROM SYS_STAFF where userid = '$userid' and password = md5('$password') and STATUS = 1";
$result=mysql_query($sql);
$num=mysql_numrows($result);
if ($num 0)
{
    $msg        "logon success";
    $flag        "T";
    $userid        mysql_result($result,0,"userid");
    $password    mysql_result($result,0,"password");
    //$role        = mysql_result($result,0,"role");
    $userid        mysql_result($result,0,"userid");
    $username    mysql_result($result,0,"staffname");
    $roleid        mysql_result($result,0,"roleid");

    //setcookie("userid", $userid, time()+3600);
    //setcookie("userid", $userid, time()+3600);
    //setcookie("role", $role, time()+3600);
    $_POST['userid'] = stripslashes($_POST['userid']);
    $_SESSION['userid'] = $_POST['userid'];
    $_POST['password'] = stripslashes($_POST['password']);
    $_SESSION['password'] = $_POST['password'];
    $_SESSION['username'] = $username;
    $_SESSION['roleid'] = $roleid;
    header("Location: index.php");
}
?>
<html>
<head>
<link rel="stylesheet" href="main.css" type="text/css">
<meta http-equiv="Content-Type" content="text/html; charset=big5" />
<title>One Solution Limited - Support</title>
</head>
<body onload="addform.userid.focus()">
<br>
<br>
<center>
<a href="../"><img src="images/logo250x50.gif" border="0"></a>
</center>
<form action="logon.php" method="post" name="addform">
    <table width="350" valign='top' align="center" border='0' cellpadding='1' cellspacing='1' bgcolor='#c0c0c0'>
    <tr><td class='content' bgcolor='#FFFFFF' align='center' valign='center'>
        <br><br>
        <form action="logon.php" method="post" name="addform">
            <table border="0" cellpadding="0" cellspacing="0" width="80%">
                <tr><td class='content' align="right" width="200" height="30">User Name</td><td class='content'>:&nbsp&nbsp&nbsp;</td>
                    <td class='content'><input type="text" class='content' name="userid" value="" size="25" maxlength="25"></td></tr>
                <tr><td class='content' align="right" valign="top" height="30">Password</td><td class='content' valign="top">:&nbsp&nbsp&nbsp</td>
                    <td class='content'><input type="password" class='content' name="password" value="" size="25" maxlength="25"></td></tr>
                <tr><td colspan="2" align="right" height="30"></td>
                    <td align="right" class="contenttext"><input type="submit" value="User Login" class='content'></td></tr>
            </table>
        </form>
        <br>
    </td></tr>
    </table>
</form>
<center>
<div class="footer">
Copyrights &copy One Solution Limited
</div>
</center>
</body>
</html>