Location: PHPKode > projects > Tech Tickets > index.php

//see if logged in
if(isset($_SESSION["pid"])) {header("Location: default.php");}
Logon authorization comes from p_people table
Cookies set:
-pid = p_people.pid (unique, non changing person id.  all other tables use this field as their foreign key)
-uid = p_people.userlogon (logon name, primarily used for legacy purposes)
-firstname = p_people.name_first + 1 letter of p_people.name_last (use for public displays, like message board etc)
-role = p_people.role (used for routing and permissions)
//if not logged in, display the logon screen
	$badlogon = "";
   if ($_POST){
		$username = $_POST["username"];
		$pw = $_POST["pw"];
	   //see if user and password are ok
	   //set up connection to mysql database
	   //this script pulls the db connection info from db_def.php
	   include("include/connections.php");  //you must update this file for each project
	   mysql_select_db($database, $conn);
	   //first, get username out of moregroupware db
	   $qry_allowed = "SELECT * FROM tt_users WHERE ((email = '$username') and (Password = '$pw'))";
	   $result_allowed = mysql_query($qry_allowed, $conn) or die(mysql_error());
	   if($my_row = mysql_fetch_array($result_allowed)) {
		//exists in client list of more groupware
		   //username is found and password matches
		   //Start session and set cookie with userlogon
		   $_SESSION["uid"] = $username;
		   $_SESSION["pid"] = $my_row['UserID'];
		   $_SESSION["firstname"] = $my_row['FirstName'] . " " . $my_row['LastName'];

		   //we assume this person is a client, unless they exist in our ee table
				//moregroupware groupid 8=Technician
					if ($my_row['Role']=="T"){
						$therole = "T";
					   $_SESSION["role"] = $therole;
					   $_SESSION["type"] = 'E';
					} else {
					   $therole = "U";
					   $_SESSION["role"] = $therole;
					   $_SESSION["type"] = 'C';
		   //redirect to secure index page based on role
		   //select case role...
			if (isset($whendone)){
				header("Location: $whendone");
				if($therole=="T"){ //technician
					header("Location: technician/default.php");
					header("Location: default.php");
			} //end if
		  //no user name found
			$badlogon = "Username or password incorrect.";
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

<body topmargin="0">
<?php include("header.php"); ?>

	<h2 align=center><font face="Verdana, Arial, Helvetica, sans-serif">Tech Ticket System</font></h1>
	<h3 align="center"><font color="#FF0000"><?php echo $badlogon; ?></font></h3>
	<FORM  action="index.php" method="POST">
	<input type="hidden" name="action" value="login">
	<table align="center" border="0" cellpadding="2" cellspacing="2">
			<font color="#000000" size="2" face="Verdana, Arial, Helvetica, sans-serif">
			Email address 
		<td width="157"> 
			<INPUT TYPE="TEXT"  name="username" align="middle" maxlength="50" style="background-color:#cccccc;width:100%;" onFocus="this.style.backgroundColor='#ffffcc'" onBlur="this.style.backgroundColor='#cccccc'" >
		<td><strong><font color="#000000" size="2" face="Verdana, Arial, Helvetica, sans-serif">Password</font></strong></td>
			<INPUT TYPE="password"  name="pw" align="middle" maxlength="20" style="background-color:#cccccc;width:100%;" onFocus="this.style.backgroundColor='#ffffcc'" onBlur="this.style.backgroundColor='#cccccc'" >

		<?php if(isset($whendone)) { ?><input type="hidden" name="whendone" value="<?php echo $whendone; ?>"><?php } ?>
		<td colspan="2" align="center"><INPUT TYPE="SUBMIT"  name="submit" value="Submit" align="middle"></td>
		<td colspan="2" align="right">
			<font size="1" face="Verdana, Arial, Helvetica, sans-serif">
			<a href="forgot_password.php">forgot password?</a>


<?php include("footer.php"); ?>
Return current item: Tech Tickets