01.
<?php
02.
session_start();
03.
mysql_connect(
"localhost"
,
""
,
""
);
04.
mysql_select_db(
""
);
05.
$strSQL
=
"SELECT * FROM number WHERE username ='"
.trim(
$_POST
['usernamelogin
'])."'
06.
and
password =
'".trim($_POST['
passwordlogin
'])."'
07.
and
active =
'Yes'
";
08.
$objQuery
= mysql_query(
$strSQL
);
09.
$objResult
= mysql_fetch_array(
$objQuery
);
10.
if
(!
$objResult
)
11.
{
12.
echo
"<meta http-equiv=\"refresh\" content=\"2;URL=index.php\" />"
;
13.
}
14.
else
15.
{
16.
$_SESSION
[
"user_id"
] =
$objResult
[
"user_id"
];
17.
$_SESSION
[
"status"
] =
$objResult
[
"status"
];
18.
19.
session_write_close();
20.
21.
if
(
$objResult
[
"status"
] ==
'Admin'
)
22.
header(
"location:admin/admin.php?sid="
.session_id());
23.
else
24.
header(
"location:user/user.php?sid="
.session_id());
25.
26.
}
27.
28.
mysql_close();
29.
?>