OverLord Shell
<?php
echo 111111;exit;
if($_SERVER['REQUEST_METHOD']!='POST' || empty($_POST)){echo "404.php";exit;}
include("db/conn.php");
$username=$connection->real_escape_string($_POST['username']);
$password=$connection->real_escape_string(trim($_POST['password']));
if(empty($username) || empty($password)){echo "Invalid Username or Password";exit;}
else{
$loginq="SELECT * FROM WHERE (company_email='".$username."' OR username='".$username."') AND password='".md5busdir_mst_company($password)."'";
$loginr=$connection->query($loginq);
$loginrow=$loginr->fetch_assoc();
$count=$loginr->num_rows;
$loginr->free();
if($count==1)
{
if($loginrow['active']=='y')
{
session_start();
$_SESSION['plans']=$loginrow['plans']; // user plan
$_SESSION['company_id']=$loginrow['company_id'];//user id
$_SESSION['company_name']=$loginrow['company_name'];//user name
$_SESSION['company_id']=$loginrow['company_id'];//user id
$_SESSION['company_name']=$loginrow['company_name'];//user name
$_SESSION['loggedin']=true;//user login
$_SESSION['loggedin_user']="company";//login by
echo "success"."~".$_SESSION['plans'];
}
else echo "User Account Disabled. Contact <strong>Admin</strong>.";
}
else
{
$loginq="SELECT * FROM busdir_mst_users WHERE username='".$username."' AND password='".$password."'";
$loginr=$connection->query($loginq);
$loginrow=$loginr->fetch_assoc();
$count=$loginr->num_rows;
$loginr->free();
if($count==1){
if($loginrow['active']=='y'){
session_start();
$_SESSION['company_id']=$loginrow['usersrno'];
$_SESSION['company_name']=$loginrow['username'];
$_SESSION['name']=$loginrow['name'];
//$_SESSION['role']=explode(',',$loginrow['role']);
$_SESSION['loggedin_user']="admin";
echo "success";
}
else echo "User Account Disabled. Contact <strong>Admin</strong>.";
}
}
else echo "Invalid Username or Password";
}
$connection->close();
?>
xRyukZ - Copyright 2k19