001.
<?php
require_once
(
'../Connections/myconnect.php'
); ?>
002.
<?php
003.
if
(!function_exists(
"GetSQLValueString"
)) {
004.
function
GetSQLValueString(
$theValue
,
$theType
,
$theDefinedValue
=
""
,
$theNotDefinedValue
=
""
)
005.
{
006.
if
(PHP_VERSION < 6) {
007.
$theValue
= get_magic_quotes_gpc() ?
stripslashes
(
$theValue
) :
$theValue
;
008.
}
009.
010.
$theValue
= function_exists(
"mysql_real_escape_string"
) ? mysql_real_escape_string(
$theValue
) : mysql_escape_string(
$theValue
);
011.
012.
switch
(
$theType
) {
013.
case
"text"
:
014.
$theValue
= (
$theValue
!=
""
) ?
"'"
.
$theValue
.
"'"
:
"NULL"
;
015.
break
;
016.
case
"long"
:
017.
case
"int"
:
018.
$theValue
= (
$theValue
!=
""
) ?
intval
(
$theValue
) :
"NULL"
;
019.
break
;
020.
case
"double"
:
021.
$theValue
= (
$theValue
!=
""
) ? doubleval(
$theValue
) :
"NULL"
;
022.
break
;
023.
case
"date"
:
024.
$theValue
= (
$theValue
!=
""
) ?
"'"
.
$theValue
.
"'"
:
"NULL"
;
025.
break
;
026.
case
"defined"
:
027.
$theValue
= (
$theValue
!=
""
) ?
$theDefinedValue
:
$theNotDefinedValue
;
028.
break
;
029.
}
030.
return
$theValue
;
031.
}
032.
}
033.
?>
034.
<?php
035.
036.
if
(!isset(
$_SESSION
)) {
037.
session_start();
038.
}
039.
040.
$loginFormAction
=
$_SERVER
[
'PHP_SELF'
];
041.
if
(isset(
$_GET
[
'accesscheck'
])) {
042.
$_SESSION
[
'PrevUrl'
] =
$_GET
[
'accesscheck'
];
043.
}
044.
045.
if
(isset(
$_POST
[
'user'
])) {
046.
$loginUsername
=
$_POST
[
'user'
];
047.
$password
=
$_POST
[
'password'
];
048.
$MM_fldUserAuthorization
=
""
;
049.
$MM_redirectLoginSuccess
=
"for-cus.php"
;
050.
$MM_redirectLoginFailed
=
"log-cus.php"
;
051.
$MM_redirecttoReferrer
= false;
052.
mysql_select_db(
$database_myconnect
,
$myconnect
);
053.
054.
$LoginRS__query
=sprintf(
"SELECT cus_username, cus_password FROM tbcustomer WHERE cus_username=%s AND cus_password=%s"
,
055.
GetSQLValueString(
$loginUsername
,
"text"
), GetSQLValueString(
$password
,
"text"
));
056.
057.
$LoginRS
= mysql_query(
$LoginRS__query
,
$myconnect
)
or
die
(mysql_error());
058.
$loginFoundUser
= mysql_num_rows(
$LoginRS
);
059.
if
(
$loginFoundUser
) {
060.
$loginStrGroup
=
""
;
061.
062.
if
(PHP_VERSION >= 5.1) {session_regenerate_id(true);}
else
{session_regenerate_id();}
063.
064.
$_SESSION
[
'MM_Username'
] =
$loginUsername
;
065.
$_SESSION
[
'MM_UserGroup'
] =
$loginStrGroup
;
066.
067.
if
(isset(
$_SESSION
[
'PrevUrl'
]) && false) {
068.
$MM_redirectLoginSuccess
=
$_SESSION
[
'PrevUrl'
];
069.
}
070.
header(
"Location: "
.
$MM_redirectLoginSuccess
);
071.
}
072.
else
{
073.
header(
"Location: "
.
$MM_redirectLoginFailed
);
074.
}
075.
}
076.
?>
079.
<head>
080.
<meta http-equiv=
"Content-Type"
content=
"text/html; charset=utf-8"
/>
081.
<title>หน้าหลัก</title>
082.
<style type=
"text/css"
>
083.
body {
084.
background-image: url(../101835645.jpg);
085.
background-color: #FCC;
086.
}
087.
</style>
088.
<script type=
"text/javascript"
>
089.
function
MM_goToURL() {
090.
var
i, args=MM_goToURL.arguments; document.MM_returnValue = false;
091.
for
(i=0; i<(args.length-1); i+=2)
eval
(args[i]+
".location='"
+args[i+1]+
"'"
);
092.
}
093.
</script>
094.
</head>
095.
096.
<body>
097.
<form id=
"form1"
name=
"form1"
method=
"POST"
action=
"<?php echo $loginFormAction; ?>"
>
098.
<div align=
"center"
>
099.
<table width=
"519"
height=
"95"
border=
"1"
>
100.
<tr>
101.
<td width=
"723"
><img src=
"../เข้าสู่ระบบๅ1.png"
width=
"511"
height=
"87"
/></td>
102.
</tr>
103.
</table>
104.
<table border=
"1"
>
105.
<tr>
106.
<td>ชื่อผู้ใช้:</td>
107.
<td><label
for
=
"user"
></label>
108.
<input type=
"text"
name=
"user"
id=
"user"
/>
109.
*</td>
110.
</tr>
111.
<tr>
112.
<td>รหัสผ่าน:</td>
113.
<td><label
for
=
"password"
></label>
114.
<input type=
"password"
name=
"password"
id=
"password"
/>
115.
*</td>
116.
</tr>
117.
<tr>
118.
<td colspan=
"2"
><div align=
"center"
>
119.
<input name=
"button"
type=
"submit"
id=
"button"
value=
"เข้าระบบ"
/>
120.
<input name=
"button2"
type=
"submit"
id=
"button2"
onclick=
"MM_goToURL('parent','../main.php');return document.MM_returnValue"
value=
"ออก"
/>
121.
</div></td>
122.
</tr>
123.
</table>
124.
125.
</div>
126.
<div align=
"center"
></div>
127.
<div align=
"center"
></div>
128.
129.
</form>
130.
</body>
131.
</html>