<?
session_start();
include('include/config.php');
include('include/global.php');
$uname=$_POST["username"];
$password=$_POST["password"];
$backurl="";
if(isset($_POST["backurl"]))
{
$backurl=$_POST["backurl"];
}
$qry="Select * from `user` where `username` ='".$uname."' and `password` ='".$password."'";
$resultset=mysql_query($qry) or die(mysql_error());
$no_row=mysql_num_rows($resultset);
#echo $row['deleted'].'='.$row['valid'];die;
if($no_row>0)
{
$row=mysql_fetch_array($resultset);
$_SESSION['TMP_STAMP']=time();
if($row['valid']==1 && $row['deleted']==0)
{
$_SESSION['ses_member_id']=$row["user_id"];
$_SESSION['username']=$row["username"];
$_SESSION['fname']=$row["name"];
//delete order record of uer in temparary table
$del_temp_order=mysql_query('delete from temp_reward_order where user_id='.$row['user_id'])or die(mysql_error());
if($backurl=="")
{
echo "<meta http-equiv='refresh' content='0;URL=myprofile.php'>";
}
else
{
echo "<meta http-equiv='refresh' content='0;URL=$backurl'>";
}
}
if($row["valid"]==1 && $row["deleted"]==1)
{
echo "<meta http-equiv='refresh' content='0;URL=thanks.php?backurl=$backurl&errmsg=Your profile has been disapproved.'>";
}
/*else
{
echo "<meta http-equiv='refresh' content='0;URL=login.php?backurl=$backurl&errmsg=Incorrect Username Or Password.'>";
}*/
}
else
{
echo "<meta http-equiv='refresh' content='0;URL=thanks.php?backurl=$backurl&errmsg=Incorrect Username Or Password.'>";
}
?>
