Hello everybody.
I have a school grade script, it’s contain of admins, teachers and students.
this script is written in Arabic, by the way i’m from Syria.
The script is working on my localhost very good, but on the web don’t work any way.
I think the problem in the Login code, and here it is :
<?php
session_start();
//==================================================
include("admin/config.php");
//==================================================
include("admin/setting.php");
include("Check.php");
echo $stylescript;
echo $stylebody;
//==================================================
$titlepage = "$schoolsname - Login page";
//==================================================
if ($action == 'trylogin')
{
if(($user_name_insert == "") OR ($user_password_insert == ""))
{
$result = mysql_query("SELECT template_content FROM school_template where template_name = '".ErrorInsertUserNameAndPassword."'");
$result_info = mysql_fetch_array($result);
$ErrorInsertUserNameAndPassword = $result_info["template_content"];
$ErrorInsertUserNameAndPassword = str_replace("\"","'",$ErrorInsertUserNameAndPassword);
eval("\$ErrorInsertUserNameAndPassword = \"$ErrorInsertUserNameAndPassword\";");
echo $ErrorInsertUserNameAndPassword;
exit;
}
$result = mysql_query("SELECT * FROM school_user where user_name = '$user_name_insert'");
$result_num = mysql_num_rows($result);
if ($result_num == 0)
{
$result = mysql_query("SELECT template_content FROM school_template where template_name = '".ErrorWrongUserNameInsert."'");
$result_info = mysql_fetch_array($result);
$ErrorWrongUserNameInsert = $result_info["template_content"];
$ErrorWrongUserNameInsert = str_replace("\"","'",$ErrorWrongUserNameInsert);
eval("\$ErrorWrongUserNameInsert = \"$ErrorWrongUserNameInsert\";");
echo $ErrorWrongUserNameInsert;
exit;
}
else
{
$result_info = mysql_fetch_array($result);
$user_password = $result_info['user_password'];
$user_password2 = $result_info['user_password2'];
$user_group_id = $result_info['user_group_id'];
$user_user_id = $result_info['user_user_id'];
if(($user_password_insert <> $user_password)
and
($user_password_insert <> $user_password2))
{
$result = mysql_query("SELECT template_content FROM school_template where template_name = '".ErrorWrongUserPasswordInsert."'");
$result_info = mysql_fetch_array($result);
$ErrorWrongUserPasswordInsert = $result_info["template_content"];
$ErrorWrongUserPasswordInsert = str_replace("\"","'",$ErrorWrongUserPasswordInsert);
eval("\$ErrorWrongUserPasswordInsert = \"$ErrorWrongUserPasswordInsert\";");
echo $ErrorWrongUserPasswordInsert;
exit;
}
else
{
$new_value_lasttime = time();
if($user_group_id == 1)
{
$result = mysql_query("SELECT * FROM school_employee where employee_id = $user_user_id");
$result_info = mysql_fetch_array($result);
$user_full_name = $result_info['employee_full_name'];
$user_login_lasttime = $result_info['employee_login_lasttime'];
include("user_login_lasttime_text.php");
$date_to_convert = $user_login_lasttime;
$sho_time=1;
//include("hejri.php");
$user_login_lasttime = $date_result;
$result = mysql_query("UPDATE school_employee SET employee_login_lasttime = '$new_value_lasttime',employee_count_login = employee_count_login+1 WHERE employee_id = $user_user_id");
}
if($user_group_id == 3)
{
$result = mysql_query("SELECT * FROM school_employee where employee_id = $user_user_id");
$result_info = mysql_fetch_array($result);
$user_full_name = $result_info['employee_full_name'];
$user_login_lasttime = $result_info['employee_login_lasttime'];
include("user_login_lasttime_text.php");
$date_to_convert = $user_login_lasttime;
$sho_time=1;
//include("hejri.php");
$user_login_lasttime = $date_result;
$result = mysql_query("UPDATE school_employee SET employee_login_lasttime = '$new_value_lasttime',employee_count_login = employee_count_login+1 WHERE employee_id = $user_user_id");
}
if($user_group_id == 4)
{
if($HTTP_SESSION_VARS['S_pas_login'] == 1){$welcomepas ="ولي امر : ";}
$result = mysql_query("SELECT * FROM school_student where student_id = $user_user_id");
$result_info = mysql_fetch_array($result);
$user_full_name = $welcomepas.''.$result_info['student_full_name'];
$user_login_lasttime = $result_info['student_login_lasttime'];
include("user_login_lasttime_text.php");
$date_to_convert = $user_login_lasttime;
$sho_time=1;
//include("hejri.php");
$user_login_lasttime = $date_result;
if($user_password_insert == $user_password2)
{
$S_pas_login = 1;
$S_student_login = 0;
session_register("S_pas_login");
session_register("S_student_login");
$result = mysql_query("UPDATE school_student SET student_login_pas_lasttime = '$new_value_lasttime',student_pas_login_count = student_pas_login_count+1 WHERE student_id = $user_user_id");
}
elseif($user_password_insert == $user_password)
{
$S_pas_login = 0;
$S_student_login = 1;
session_register("S_pas_login");
session_register("S_student_login");
$result = mysql_query("UPDATE school_student SET student_login_lasttime = '$new_value_lasttime',student_login_count = student_login_count+1 WHERE student_id = $user_user_id");
}
}
$S_user_user_id = $user_user_id;
session_register("S_user_user_id");
$S_user_group_id = $user_group_id;
session_register("S_user_group_id");
$S_user_full_name = $user_full_name;
session_register("S_user_full_name");
$S_user_login_lasttime = $user_login_lasttime;
session_register("S_user_login_lasttime");
$S_user_login_lasttime_text = $user_login_lasttime_text;
session_register("S_user_login_lasttime_text");
echo "<p dir='rtl'>Accepted..</p>";
exit("<META HTTP-EQUIV='refresh' CONTENT='2 URL=index.php'>");
}
}
}
$result = mysql_query("SELECT template_content FROM school_template where template_name = '".login."'");
$result_info = mysql_fetch_array($result);
$login = $result_info["template_content"];
$login = str_replace("\"","'",$login);
eval("\$login = \"$login\";");
echo $login;
?>Any one can help me please… I need Ur help.
Thank you…