Mini Shell

Current File : /home/serb/public_html/login-process.php
<?
  session_start();
 include("lib/globals.php");
 include("lib/common.php");
 include("lib/functions.php");
 if($_POST)
  {
	  $qur="SELECT * FROM user_info WHERE (username='".$_POST['username']."' or email='".$_POST['username']."') AND password='".$_POST['passWord']."'" ;
	  $res=execute_query($qur);
	  $row=mysql_fetch_array($res);
	 // echo $row['user_status'];
	  $num=mysql_num_rows($res);
	  if($num>0)
	  {
		if($row['status']=='a')
		{
			$_SESSION['userlogin']="true";
			$_SESSION['userid']=$row['userid'];  
			$_SESSION['user']=$row['username'];
			$_SESSION['acctype']=$row['user_type'];
			$_SESSION['islogin']='yes';
			
			
			$date=date('Y-m-d');
			 if($_GET['estid'])
				{
					
					$sql_escort="SELECT * FROM escort_details where id='".$_GET['estid']."'";
					$res_escort=execute_query($sql_escort);
					$row_escort=mysql_fetch_array($res_escort);
					
					?>
					<script language="javascript">
                     
                        location.href="escort-service-dtls.php?name=<?=$row_escort['nickname']?>&phone=<?=$row_escort['tel_national']?>&cityname=<?=$row_escort['escort_city']?>";
                        
                    </script>   
                    <?
					
				}
				else if($_GET['advinfo'])
				
				{
					?>
					<script language="javascript">
                     
                        location.href="escort-advertising.php";
                        
                    </script>   
                    <?
				}
			
			else if($row['user_type']=='agency')
			{
				?>
			<script language="javascript">
			 
				location.href="agency-account.php";
				
			</script>   
			<?
				
			}
			else if($row['user_type']=='hobbyist')
			  {
				  $sql_rwdpoint="SELECT * FROM user_info WHERE userid='".$row['userid']."'";
					$res_rwdpoint=execute_query($sql_rwdpoint);
					$row_rwdpoint=mysql_fetch_array($res_rwdpoint);
								
					$totrwd=$row_rwdpoint['rewards'] + 1;
					if($row_rwdpoint['logdate']!=$date)
					{
					
					$update_rwdpoint="UPDATE user_info SET rewards='$totrwd',logdate='$date' WHERE userid='".$row['userid']."'";
					execute_query($update_rwdpoint);
					}
				  
				  ?>
					<script language="javascript">
                     
                        location.href="hobbyist-dashboard.php";
                        
                    </script>   
                  <?
				  
			  }			  
			  			
			 else if($_GET['log'])
				{
					?>
					<script language="javascript">
                     
                        location.href="home.php";
                        
                    </script>   
                    <?
					
				}
				 else if($_GET['newuser'])
				{
					$_SESSION['countryname']='US';
					?>
					<script language="javascript">
                     
                        location.href="dashboard.php";
                        
                    </script>   
                    <?
					
				}
				
			
			
			else
			 {
				 $sql_rwdpoint="SELECT * FROM user_info WHERE userid='".$row['userid']."'";
				$res_rwdpoint=execute_query($sql_rwdpoint);
				$row_rwdpoint=mysql_fetch_array($res_rwdpoint);
							
				$totrwd=$row_rwdpoint['rewards'] + 1;
				if($row_rwdpoint['logdate']!=$date)
				{
				//$ipp=@$_SERVER['REMOTE_ADDR'];
				$update_rwdpoint="UPDATE user_info SET rewards='$totrwd',logdate='$date' WHERE userid='".$row['userid']."'";
				execute_query($update_rwdpoint);
				}
				?>
			<script language="javascript">
			 
				location.href="dashboard.php";
				
			</script>   
			<? 
			 }
		}
		else
		{
		?>
		<script language="javascript">
			alert('Your Account is not Activate. Check Your E-mail to activate your Account');
            location.href="home.php";
        </script>   
    	<? 
		}
	  }
	  else
	  {
	 ?>
             <script language="javascript">
			 	alert('You are not a registered member. Join to Escortservice.org');
            	location.href="join.php";
        	 </script> 
      <?
	  }
  }
?>
./BlackJoker Mini Shell 1.0