<?php


include("settings.php");
$dbc = mysql_connect($databasehost, $databaseuname, $databasepass, $databasename);
$dbcs = mysql_select_db($databasename,$dbc);



if(!isset($_POST['op'])) $_POST['op']='';
if(!isset($_POST['username'])) $_POST['username']='';
if(!isset($_POST['password'])) $_POST['password']='';
if(!isset($op)) $op='';

$op = $_POST['op'];
$username= stripslashes($_POST['username']);
$password= stripslashes($_POST['password']);
$r_password = md5($password);

$sql = "SELECT * From edocphp_users WHERE username='$username' AND password ='$r_password'";

$sql_res = mysql_query($sql,$dbc) or die(mysql_error());

$details = mysql_fetch_array($sql_res);

if (empty($details)){
echo 'Wrong Username or Passoword<br>';
echo "<META HTTP-EQUIV=\"refresh\" content=\"1;URL=index.php\">";
	}else{
	 setcookie("username",$username,time()+86400);
	 
	 if ($details['is_admin'] == "1") {
	 setcookie("access",2,time()+86400);
	 }
	 
	 if ($details['is_s_admin'] == "1") {
	 setcookie("access",3,time()+86400);
	 }
	 
	 if (($details['is_admin'] == "") && ($details['is_s_admin'] == "")){
	 setcookie("access",1,time()+86400);
	 }
	 
echo 'Login OK!<br>';
echo "<META HTTP-EQUIV=\"refresh\" content=\"1;URL=index.php\">";
	}

?>