ikan Uploader :
Directory : /var/www/html/shardahospital_old.org/lp/hospital-lms/
Upload File : |
| Current File : /var/www/html/shardahospital_old.org/lp/hospital-lms/sign.php |
<?php
session_start();
error_reporting(0);
require_once 'secure/db_config.php';
date_default_timezone_set('Asia/Kolkata');
$_SERVER['REMOTE_ADDR'];
//print_r($_POST);
/******* login detail *****************/
$url = json_decode(file_get_contents("http://api.ipinfodb.com/v3/ip-city/?key=2b3d7d0ad1a285279139487ce77f3f58d980eea9546b5ccc5d08f5ee62ce7471&ip=".$_SERVER['REMOTE_ADDR']."&format=json"));
$city_name = $url->cityName;
$regionName = $url->regionName;
$ipAddress = $url->ipAddress;
$country_code = $url->countryCode;
$latitude = $url->latitude;
$longitude = $url->longitude;
$timezone = $url->timeZone;
$login_date = date('d-m-Y h:i:s');
$user_email = mysqli_real_escape_string($connection,stripslashes($_POST['user_email']));
$passwords = mysqli_real_escape_string($connection,stripslashes($_POST['user_password']));
$user_type = mysqli_real_escape_string($connection,stripslashes($_POST['user_type']));
$dataqwry = mysqli_query($connection,"SELECT id,email,password,user_type from `tbl_user` WHERE email='".$_POST['user_email']."' && password='".md5($passwords)."' && status='1'");
$drows = mysqli_fetch_array($dataqwry);
$usertYpess = $drows['user_type'];
if($usertYpess=='Administration'){
$stmt = mysqli_query($connection,"SELECT id,email,password,user_type from `tbl_user` WHERE email='".$_POST['user_email']."' && password='".md5($passwords)."'");
} if($usertYpess=='User'){
$stmt = mysqli_query($connection,"SELECT id,email,password,user_type from `tbl_user` WHERE email='".$_POST['user_email']."' && password='".md5($passwords)."'");
}
$row = mysqli_num_rows($stmt);
if($row > 0){
$datash = mysqli_fetch_array($stmt);
$_SESSION['USENM'] = $datash['email'];
$_SESSION['sid'] = $datash['id'];
$_SESSION['utype'] = $datash['user_type'];
echo "correct";
} else{
echo 'wrong';
}
?>
Kontol Shell Bypass