Can not verify your ID and Password. Please try again."; // Login error exit(); } else if ($status == 1) { // initiate a session session_start(); // register some session variables session_register("SR"); // including the username session_register("FID"); $FID = $ID; // add a record into log header("Location: time.php?semester=$Semester"); exit(); } else if ($status == 2) { // initiate a session session_start(); // register some session variables session_register("SR"); // including the username session_register("FID"); $FID = $ID; // add a record into log header("Location: password.php?semester=$Semester&f=1"); exit(); } // authenticate id/password against a database // returns: 0 if id and password is incorrect // GroupID if username and password are correct function authenticate($user, $pass) { include("../include/dbconfig.php"); // check login and password // connect and execute query $connection = mysql_connect($db_host, $db_user, $db_pass) or die ("Unable to connect!"); $query = "SELECT Status from SR_instructor WHERE InstructorID = '$user' AND Password = OLD_PASSWORD('$pass')"; mysql_select_db($db_name); $result = mysql_query($query, $connection) or die ("Error in query: $query. " . mysql_error()); // if row exists -> user/pass combination is correct if (mysql_num_rows($result) == 1) { $row = mysql_fetch_row($result); // global $group; // $group = $row[0]; $ustatus = $row[0]; if ($ustatus == '0')//user disabled { print "

Your ID has been disabled. Please contact the LLC webmaster.

"; exit(); } else if ($ustatus == '2')//user { return 2; } return 1; } // user/pass combination is wrong else { return 0; } } ?>