<% //Inlcudes include("./inc/link.php"); include("./inc/getSQLRow.php"); %> <% /* This page provides boxes for users to enter logon information and then checks it agains the db */ if($user && $pass) { $query = "SELECT * FROM auth WHERE user='$user'"; $result = mysql_db_query($db,$query); if(mysql_num_rows($result)==0) { header("Location: ./login.php?baduser=1"); } else { $validuser = mysql_fetch_array($result); if($validuser["pass"] == $pass) { session_start(); session_name("Intranet Session"); session_register("sess"); $sess["u_id"] = $validuser["u_id"]; $sess["user"] = $validuser["user"]; $sess["seclvl"] = $validuser["seclvl"]; if(!empty($validuser["fname"])) { //Incase there is no full name use user instead $sess["fname"] = $validuser["fname"]; } else { $sess["fname"] = $validuser["user"]; } header("Location: ./index.php"); } else { header("Location: ./login.php?baduser=1"); } } } %> <% //Gets data for the admin user and contact info $companyRow=getSQLRow("phone,appname,a_user","company","c_id","1",1,$db,$link); $userRow=getSQLRow("user,fname,extension","auth","user",$companyRow["a_user"],1,$db,$link); if (!empty($userRow["extension"])) { //Just adds an x infront of the extension $userRow["extension"] = "x".$userRow["extension"]; } else { unset($userRow["extension"]); } %> <%= $companyRow["appname"] %>
 <%= $companyRow["appname"] %>:  
   

Welcome to <%= $companyRow["appname"] %>. If you need assistance please contact <%= $userRow["fname"]." at ".$companyRow["phone"]." ".$userRow["extension"] %>

   
<% if($baduser==1) { %> Your Username or Password is incorrect.
<% }%>

Username:

Password: