"; if (strlen(trim($password_val)) == "") $errmsg.= "Password must not be empty
"; } //-----------------------Login----------------------------------------- if (($REQUEST_METHOD == "POST") and ($errmsg == "")) { //------------------------- Fetch Role -------------------------- $sql9 = "select * from tab_user where user_name='$user_name' and active='1' order by user_id"; $result9 = mysql_query($sql9,$db) or ("unable to select file id"); $num9 = mysql_numrows($result9); $affect = mysql_affected_rows(); $mi = 0; while ($mi < $num9) { $role = mysql_result($result9,$mi,"role"); $user_id = mysql_result($result9,$mi,"user_id"); $pass = mysql_result($result9, $mi, "password"); ++$mi; } if ($affect > 0) { if ($pass <> $password) { $accesses++; setcookie("accesses", $accesses, 0); if ($accesses >= 5) { setcookie("badlock", "invalid", time() + 3600); setcookie("bad_user", $user_name, time() + 3600); setcookie("accesses"); //$lock_at = date("d") . "\\" . date("m") . "\\" . date("Y") . " " . date("H:i"); $lock_at = date("d / m / Y H:i"); $sql = "insert into tab_user_log(user_id, user_name, lock_at) values($user_id, '$user_name', '$lock_at')"; $result = mysql_query($sql, $db) or die ("unable to insert in log table"); } $errmsg .= "invalid password.
"; } if ($pass == $password) { if (($badlock <> "") and ($bad_user == $user_name)) { header("location:login_lock.php"); } else { $role=$role; setcookie("scook_role",$role,0); setcookie("scook_id",$user_id,0); setcookie("scook_name",$user_name,0); setcookie("cook_user_name", $user_id, 0); //@ns added //Okay this is an extra security measure for the pages. //Now we assign session variables for the role/password. ////note: this information is used in validate $_SESSION["user_pass"]=$pass; /*End my part*/ header("location:admin.php"); } } } else { $errmsg .= "invalid user name or password.
"; } /* $role=$role; //---------Set cookie------------- setcookie("scook_role",$role,0); setcookie("scook_id",$user_id,0); setcookie("scook_name",$user_name,0); setcookie("cook_user_name"); setcookie("cook_user_name", $user_id, time() + 600); //-------------------------Checking For Login----------------------- $sql1 = "select * from tab_user where user_id='$user_id' and active='1' order by user_id"; $result1 = mysql_query($sql1,$db) or ("unable to select user"); $affect = mysql_affected_rows(); if ($affect > 0) { setcookie("accesses"); if (! $accesses >= 5) { header("location:admin.php"); } else {
User Login locked for one hour.
exit; } } else { $accesses++; setcookie("accesses",$accesses,0); setcookie("bad_user", $user_name, time() + 3600); $errmsg.= "Wrong Username or password"; } */ } ?> Global History of Health Project

Notice: Undefined variable: msg1 in /var/vhosts/global.sbs.ohio-state.edu/htdocs/global.php on line 228
New User Account
Password
 
Notice: Undefined variable: msg in /var/vhosts/global.sbs.ohio-state.edu/htdocs/global.php on line 252
  Login
 
Notice: Undefined variable: errmsg in /var/vhosts/global.sbs.ohio-state.edu/htdocs/global.php on line 262
Username
Password
 
This project is funded by the National Science Foundation Site designed by BlueLine
Global History of Health Symposium posters.