include("mysql.php"); function confirmUser($username, $password) { global $conn; if(!get_magic_quotes_gpc()) { $username = addslashes($username); } $q = "select * from users where name='$username'"; $result = mysql_query($q,$conn); if(!$result || (mysql_numrows($result) < 1)){ return 1; } $dbarray = mysql_fetch_array($result); $dbarray['password'] = stripslashes($dbarray['password']); $_SESSION['id'] = $dbarray['id']; $_SESSION['imie'] = $dbarray['imie']; $_SESSION['nazwisko'] = $dbarray['nazwisko']; $_SESSION['stop_naukowy'] = $dbarray['stop_naukowy']; $_SESSION['instytucja'] = $dbarray['instytucja']; $_SESSION['name'] = $dbarray['name']; $_SESSION['przyjazd'] = $dbarray['przyjazd']; $_SESSION['referat'] = $dbarray['referat']; $_SESSION['referat_temat'] = $dbarray['referat_temat']; $_SESSION['faktura_dane'] = $dbarray['faktura_dane']; $password = stripslashes($password); if($password == $dbarray['password']){ $q = "select activated from users where name='$username'"; $result = mysql_query($q,$conn); $activated = mysql_fetch_array($result); if($activated[0] == "0") { return 3; } else { return 0; } } else { return 2; } } function checkLogin() { if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){ $_SESSION['username'] = $_COOKIE['cookname']; $_SESSION['password'] = $_COOKIE['cookpass']; } if(isset($_SESSION['username']) && isset($_SESSION['password'])){ if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){ unset($_SESSION['username']); unset($_SESSION['password']); return false; } return true; } else{ return false; } } $logged_in = checkLogin(); function checkAdmin() { global $logged_in, $conn; if ($logged_in) { $user = $_SESSION['username']; $query = mysql_query("SELECT * FROM users WHERE name='$user'", $conn); $result = mysql_fetch_array($query); $checkadmin = $result["status"]; if ($checkadmin == "admin") { return true; } else { return false; } } } $is_admin = checkAdmin(); function displayLogin(){ global $username, $logged_in, $is_admin; if($logged_in) { echo '
'.$_SESSION['stop_naukowy'].' '.$_SESSION['imie'].' '.$_SESSION['nazwisko'].' '.substr($_SESSION['instytucja'], 0, 70).' '; if ($_SESSION['name'] != 'materialy') echo 'Edytuj swoje dane '; echo 'Wyloguj |
|
|||||
Konferencja: |
|