<?php
session_start();
//if user is not loged in
if(!isset($_SESSION["manager"]))
{
header("location: admin_login.php");
exit();
}
//check if user exists in database
$managerID = preg_replace('#[^0-9#]i','',$_SESSION["id"]); //decype the id
$manager = preg_replace('#[^A-Za-z0-9]#i','',$_SESSION["manager"]);
$password = preg_replace('#[^A-Za-z0-9]#i','',$_SESSION["password"]);
include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1");
//make sure person exists in database
$existCount = msql_num_rows($sql);
if($existCount == 0)
{
header("location: ../index.php");
exit();
}
?>
Warning: preg_replace() [function.preg-replace]: Unknown modifier ']' in C:\xampp\htdocs\E-COMMERCE\admin\index.php on line 10
Warning: include(../storescripts/connect_to_mysql.php) [function.include]: failed to open stream: No such file or directory in C:\xampp\htdocs\E-COMMERCE\admin\index.php on line 14
Warning: include() [function.include]: Failed opening '../storescripts/connect_to_mysql.php' for inclusion (include_path='.;C:\xampp\php\PEAR') in C:\xampp\htdocs\E-COMMERCE\admin\index.php on line 14
Fatal error: Call to undefined function msql_num_rows() in C:\xampp\htdocs\E-COMMERCE\admin\index.php on line 17
line 10:
$managerID = preg_replace('#[^0-9#]i','',$_SESSION["id"]); //decype the id
line 14:
include "../storescripts/connect_to_mysql.php";
line 17:
$existCount = msql_num_rows($sql);