include("../include/varConfig.php"); include('../include/mbConfig.php'); include("../include/webConfig.php"); include("../include/connectDB.php"); include("../include/dateFunction.php"); include("../include/numberFunction.php"); include("../include/utilityFunction.php"); $db=new connect_db(); if ((isset($_GET['act'])) and ($_GET['act']=="session") and ($_SESSION['user']!="")) { $_SESSION['mbUser'] = $_SESSION['user']; $_SESSION['mbUserInfo']['username'] = $_SESSION['userInfo']['username']; $_SESSION['mbUserInfo']['name'] = $_SESSION['userInfo']['name']; $_SESSION['mbUserInfo']['country'] = $_SESSION['userInfo']['country']; die(""); } else if ((isset($_POST['username'])) and (isset($_POST['password']))) { if ($db->sendCmd("select a.userID,a.username,a.fName,a.country from ".$pf."user a, ".$pf."invoice b where a.username = '".insertText($_POST['username'])."' and a.password = '".md5($_POST['password'])."' and b.paymentStatus !='n' and a.userID=b.userID and YEAR(b.createDate)='$setForYear'")) { $data=$db->get_fetch_array(); $_SESSION['mbUser'] = $data['userID']; $_SESSION['mbUserInfo']['username'] = showText($data['username']); $_SESSION['mbUserInfo']['name'] = showText($data['gName']); $_SESSION['mbUserInfo']['country'] = showText($data['country']); $db->free_result(); $db->close(); die(""); } else $errMsg="You don't have permission to access on this Website"; } ?>