Verify Users
<![CDATA[
<?php
session_name('StudentsRecords');
//session_start();
$user_name = $_SESSION['user_name'];
$try_uname = $_POST['try_uid'];
$try_pw = $_POST['try_pw'];
// check password from database
require_once ('mysql_connect.php');
$query_user = "select * from allusers where user_name = \"$try_uname\" ";
$result_user = @mysql_query($query_user);
echo "
<!DOCTYPE html PUBLIC \"-//W#C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml-tranitional.dtd\">
<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=iso-8859-1\"/>
<link rel=\"stylesheet\" href=\"../$dir_id/styles1.css\" type=\"text/css\" media=\"screen\">
<script language=\"Javascript\">
function place_teachers_menu() {
parent.menu.location.href = \"teacher_menu.php\"
document.location.href = \"welcome.php\";
}
</script>
</head>
<body>
";
if ($result_user){
while ($row_user = mysql_fetch_array($result_user,MYSQL_ASSOC)){
$user_name = $row_user['user_name'];
$user_pw = $row_user['user_pw'];
$user_category = $row_user['user_category'];
}
if ($try_pw == $user_pw) { // password ok
$_SESSION['user_name'] = $user_name;
$_SESSION['user_category'] = $user_category;
/*
echo "
<!DOCTYPE html PUBLIC \"-//W#C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml-tranitional.dtd\">
<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=iso-8859-1\"/>
<link rel=\"stylesheet\" href=\"../$dir_id/styles1.css\" type=\"text/css\" media=\"screen\">
<script language=\"Javascript\">
function place_teachers_menu() {
parent.menu.location.href = \"teacher_menu.php\"
document.location.href = \"welcome.php\";
}
</script>
</head>
<body>*/
echo "
<div class=\"menu\">
<h1>Welcome <br>$user_name</h1>
<h3>You can now select from the menu.</h3>
</div>
";
if ($user_category == 'teacher'){ // get data from teachers table name, id,
$query_teacher = "select * from teachers where teacher_name = \"$user_name\" ";
$result_teacher = @mysql_query($query_teacher);
if ($result_teacher){
while ($row_teacher = mysql_fetch_array($result_teacher,MYSQL_ASSOC)){
$_SESSION['teacher_name'] = $row_teacher['teacher_name'];
$_SESSION['teacher_id'] = $row_teacher['teacher_id'];
}
}
echo "
<script language='Javascript'>
parent.menu.location.href = '../teachers_menu.php?".SID."';
</script>
";
}
else { // get data from students table name, id,
$query_student = "select * from students where student_name = \"$try_uname\" ";
$result_student = @mysql_query($query_student);
if ($result_student){
while ($row_student = mysql_fetch_array($result_student,MYSQL_ASSOC)){
$_SESSION['student_name'] = $row_student['student_name'];
$_SESSION['student_id'] = $row_student['student_id'];
}
}
echo "
<script language=\"Javascript\">
parent.menu.location.href = 'menu.php?".SID."';
</script>
";
}
}
else { echo '<h1>Sowwy</h1><br /><h2>UserID or Paffword Incorrent!</h2>'; }
echo '</body></html>';
mysql_close();
}
else {
echo "<h1>No Result Set Returned by Query to AllUsers</h1>";
}
?>
]]>