<?PHP
+include_once('/var/www/secure.php');
function check_user($email,$pass){
global $petition;
$res = $petition->query("SELECT * FROM users WHERE email = '$email'");
$hash = $explode[0];
$salt = $explode[1];
$test = md5($pass.$salt);
- if( $test == $hash && ($user['level'] == 'Operations' || $user['level'] == 'Client' || $user['level'] == 'Gold Member')){
+ if( $test == $hash ){
setcookie("id", $user['id']);
setcookie("name", $user['name']);
setcookie("email", $user['email']);
setcookie("level", $user['sec_level']);
setcookie("group_id", $user['group_id']);
header('Location: index.php');
- }elseif($user['level'] != 'Admin' && $user['level'] != 'Manager'){
- return "Invalid Security Level.";
- }else{
+ }else{
return "Wrong Password.";
}
}else{
</tr>
<tr>
<td> </td>
- <td><input type="submit" name="loginGo" value="Log In" /></td>
+ <td><input type="submit" name="loginGo" value="Log In" /> or <a href='reset.php'>Reset Password</a></td>
</tr>
</table>
</form>