Current Path : /www/users/H10079900/sysadm/
Url:
Current File : /www/users/H10079900/sysadm/loginAction.php

<?
	include "../inc/inc.php";
	session_start();
	//检查用户
	$account=$_POST['name'];
	$psw=$_POST['password'];
	$lang=1;
	$code=$_POST['postcode'];
	if($code!=$_SESSION["zcode"])
	{
		echo "<SCRIPT LANGUAGE='Javascript'>";
		echo "alert('您输入的验证码错误,请重新输入!');";
		echo "location.href='login.php'";
		echo "</SCRIPT>";
	}
	//查询登录资料
	$sql="select * from user where account='$account' and psw='$psw' and auditing=1 and is_admin=1 and popedom>0;";
	$result=mysql_query($sql);
	if(mysql_num_rows($result)>0)
	{
			$date=mysql_fetch_array($result);
			$popedom=$date['popedom'];
			$_SESSION['popedom']=$popedom;
			$_SESSION['Account']=$date['account'];
			setcookie("postcode",$code,time()+3600,"/"); //1小时后失效
			//写如登陆日志
			$datetime=date("Y-m-d H:i:s") ;
			$sql="INSERT INTO `adminlogs` (`name` , `action` , `ip` , `date` , `type` ) 
                  VALUES ('$account', '登陆', '".$_SERVER['REMOTE_ADDR']."', '$datetime', '提示');";
			mysql_query($sql);	  
			//页面跳转
			$url="index.php?lang=".$lang;
			echo "<SCRIPT LANGUAGE='Javascript'>"; 
			echo "location.href='$url'"; 
			echo "</SCRIPT>";
	}
	else
	{
		echo "<SCRIPT LANGUAGE='Javascript'>";
		echo "alert('您输入的用户名或密码错误!');";
		echo "location.href='login.php'";
		echo "</SCRIPT>";
	}
?>