<?php
/********************************************************************************************************************
* This script is brought to you by Vasplus Programming Blog by whom all copyrights are reserved.
* Website: www.vasplus.info
* Email: [email protected]
* Please, do not remove this information from the top of this page.
*********************************************************************************************************************/
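session_start();
ob_start();
include "database_connection.php";

/*
 * Sign-up / login endpoint. The POST field "page" selects the action:
 *   - "users_registration": validate the form, reject duplicate e-mails, insert the account
 *     and print the URL the client should navigate to.
 *   - "users_login": look the account up by e-mail + password digest and redirect by role.
 *
 * NOTE(review): the mysql_* extension was deprecated in PHP 5.5 and removed in PHP 7.0. It is kept
 * here only because the connection is opened in database_connection.php (not visible here); move both
 * files to mysqli or PDO with prepared statements together. Until then, mysql_real_escape_string() is
 * only reliable when the connection charset is set with mysql_set_charset().
 *
 * NOTE(review): md5() is a fast, unsalted hash and is not suitable for password storage. It is kept
 * because existing rows in `signup_and_login_table` hold MD5 digests; migrate to password_hash() /
 * password_verify() (widen the `password` column and re-hash on the next successful login).
 * trim(strip_tags()) also silently alters the password the user typed; it is kept for the same reason.
 */
$page = (isset($_POST["page"]) && is_string($_POST["page"])) ? $_POST["page"] : "";

//Sign-up Page Starts here
if ($page === "users_registration")
{
    // Read every field defensively: a missing or non-string (array) field becomes "" and is
    // rejected by the "all fields required" check below instead of raising a notice.
    $form = array('firstname' => '', 'lastname' => '', 'email' => '', 'passwd' => '');
    foreach ($form as $field => $unused)
    {
        if (isset($_POST[$field]) && is_string($_POST[$field]))
        {
            $form[$field] = trim(strip_tags($_POST[$field]));
        }
    }
    $firstname = $form['firstname'];
    $lastname = $form['lastname'];
    $user_email = $form['email'];
    $user_password = $form['passwd'];
    $encrypted_md5_password = md5($user_password); // see NOTE(review) above

    if ($firstname == "" || $lastname == "" || $user_email == "" || $user_password == "")
    {
        echo '<br><div class="info">กรุณากรอกข้อมูลให้ครบถ้วน</div><br>';
    }
    // NOTE(review): this pattern accepts lower-case addresses only and a 2-3 letter TLD.
    elseif (!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/", $user_email))
    {
        echo '<br><div class="info">กรุณาใส่ E-mail ให้ถูกต้อง</div><br>';
    }
    else
    {
        // Only hit the database once the input has passed validation.
        $check_for_duplicates = mysql_query("select * from `signup_and_login_table` where `email` = '".mysql_real_escape_string($user_email)."'");

        if ($check_for_duplicates === false)
        {
            // Keep database details in the server log, never in the response.
            error_log('Duplicate e-mail check failed: '.mysql_error());
            echo '<br><div class="info">เกิดข้อผิดพลาดไม่สามารถสร้างบัญชีสมาชิกได้ กรุณาลองใหม่อีกครั้ง<br>หรือติดต่อ Admin:[email protected]</br></div><br>';
        }
        elseif (mysql_num_rows($check_for_duplicates) > 0)
        {
            echo '<br><div class="info">e-mailนี้มันคนใช้แล้ว<br>กรุณาเปลี่ยน e-mailใหม่</div><br>';
        }
        // New accounts are always created with the 'normal' role; the role is never taken from the request.
        elseif (mysql_query("insert into `signup_and_login_table` values('', '".mysql_real_escape_string($firstname)."', '".mysql_real_escape_string($lastname)."', '".mysql_real_escape_string($user_email)."', '".mysql_real_escape_string($encrypted_md5_password)."', 'normal', '".mysql_real_escape_string(date('d-m-Y'))."')"))
        {
            // Issue a fresh session id when the privilege level changes (session fixation defence).
            session_regenerate_id(true);
            $_SESSION["VALID_USER_ID"] = $user_email;
            $_SESSION["USER_FULLNAME"] = strip_tags($firstname.' '.$lastname);
            // The name is user-controlled: encode it so it cannot add or break query parameters.
            echo 'index.php?uid='.rawurlencode($_SESSION["USER_FULLNAME"]).'&registered_successfully=yes';
        }
        else
        {
            error_log('Account insert failed: '.mysql_error());
            echo '<br><div class="info">เกิดข้อผิดพลาดไม่สามารถสร้างบัญชีสมาชิกได้ กรุณาลองใหม่อีกครั้ง<br>หรือติดต่อ Admin:[email protected]</br></div><br>';
        }
    }
}
//Sign-up Page Ends here
//Login Page Starts here
elseif ($page === "users_login")
{
    $user_email = (isset($_POST['email']) && is_string($_POST['email'])) ? trim(strip_tags($_POST['email'])) : '';
    $user_password = (isset($_POST['passwd']) && is_string($_POST['passwd'])) ? trim(strip_tags($_POST['passwd'])) : '';
    $encrypted_md5_password = md5($user_password); // see NOTE(review) above

    // One lookup replaces the four near-identical queries: fetch the role(s) stored for this
    // e-mail / password digest pair and decide from the result.
    $matching_accounts = mysql_query("select `role` from `signup_and_login_table` where `email` = '".mysql_real_escape_string($user_email)."' and `password` = '".mysql_real_escape_string($encrypted_md5_password)."'");
    if ($matching_accounts === false)
    {
        // Log the driver error server-side; echoing mysql_error() discloses schema details.
        error_log('Login query failed: '.mysql_error());
        die('Invalid query');
    }

    $is_normal_user = false;
    $is_admin_user = false;
    while ($account = mysql_fetch_assoc($matching_accounts))
    {
        if ($account['role'] === 'normal')
        {
            $is_normal_user = true;
        }
        elseif ($account['role'] === 'admin')
        {
            $is_admin_user = true;
        }
    }

    if ($is_normal_user || $is_admin_user)
    {
        // Establish the authenticated session, mirroring what registration does.
        // NOTE(review): index.php / home.php must re-check the account's role server-side;
        // the redirect target alone is not an access control.
        session_regenerate_id(true);
        $_SESSION["VALID_USER_ID"] = $user_email;

        // A normal-role match wins over an admin-role match, as before.
        // The header value must be a bare URL: the previous quoted form ('index.php') is not a valid target.
        header('Location: '.($is_normal_user ? 'index.php' : 'home.php'));
        exit;
    }
    else
    {
        echo '<br><div class="info">คุณใส่ รหัสผ่าน หรือ emailผิด กรุณาใส่ให้ถูกต้องด้วยค่ะ</div><br>';
    }
}
//Login Page Ends here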
?>
ตอนนี้งงว่าจะแยกสถานะยังไง จะ insert ว่าเป็น user หรือ admin ตรงไหน