//include(header.php); session_start(); ob_start(); include "db_connect.php"; $msg=$_GET['msg']; if(isset($_SESSION['username']) || isset($_SESSION['admin_username'])) $msg=" You are already login"; if($_POST['username']) { $p = $_POST; $username = $p['username']; $password = $p['password']; $res = mysql_query("select * from tbl_user_detail where (username = '$username' OR email = '$username') and password='$password' and status='1'"); $num_rows = mysql_num_rows($res); if($num_rows==0){ $res = mysql_query("select * from tbl_guest_user where username = '$username' and password='$password' and status='1'"); $num_rows = mysql_num_rows($res); } if($num_rows==1){ $result = mysql_fetch_assoc($res); $days_access = $result['total_days_access']; $temp_date = date('Y-m-d'); $date = date_create($temp_date); date_add($date,date_interval_create_from_date_string("$days_access days")); $new_date = date_format($date,"Y-m-d"); if($temp_date <= $new_date){ $_SESSION['username'] = $username; $data = mysql_fetch_assoc($res); $_SESSION['admin_id'] = $data['id']; header("location:http://tollboothstrategy.com"); }else{ $msg="Your account is expired"; } } else{ $res = mysql_query("select * from tbl_user_detail where username = '$username' and password='$password' and status='0'"); $num_rows = mysql_num_rows($res); if($num_rows==1){ $msg="Your account is not activated by admin"; } else{ $msg="Incorrect username or password"; } } } ?>