"; // Some servers have magic quotes turned on and they add slashes to strings with quotes //------------------------------------------------------------------------------------- if (get_magic_quotes_gpc()) { function stripslashes_deep($value) { $value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value); return $value; } $_POST = array_map('stripslashes_deep', $_POST); $_GET = array_map('stripslashes_deep', $_GET); $_COOKIE = array_map('stripslashes_deep', $_COOKIE); $_REQUEST = array_map('stripslashes_deep', $_REQUEST); } $login_cnt = $_REQUEST['login']; $show_login=true; //-- Check if User Login //---------------------------------------- $u_password = $_REQUEST['u_password']; $email = $_REQUEST['email']; $q_email = str_replace("'","''",$email); if ($u_password and $email!='') { $sqlquery = "SELECT `id`,password,firstname,lastname,school,grade,usertype FROM users WHERE users.email='$q_email' ORDER BY lastname ASC"; $result = mysql_query($sqlquery); $number = mysql_numrows($result); if ($number) { $i=0; $key = mysql_result($result,$i,"id"); $password = mysql_result($result,$i,"password"); $firstname = mysql_result($result,$i,"firstname"); $lastname = mysql_result($result,$i,"lastname"); $school = mysql_result($result,$i,"school"); $grade = mysql_result($result,$i,"grade"); $u_type = mysql_result($result,$i,"usertype"); if ($u_password == $password) { $_SESSION["$WBCTK_SessionKey"] = true; $_SESSION["WBCTK_UserID"] = "$key"; $_SESSION["WBCTK_UserName"] = "$firstname $lastname"; $_SESSION["WBCTK_FirstName"] = "$firstname"; $_SESSION["WBCTK_LastName"] = "$lastname"; $_SESSION["WBCTK_School"] = "$school"; $_SESSION["WBCTK_Grade"] = "$grade"; if ($u_type) {$_SESSION["WBCTK_UserType"] = "$u_type";} else {$_SESSION["WBCTK_UserType"] = "User";} $UserType = $_SESSION["WBCTK_UserType"]; $loggedIn = $_SESSION["$WBCTK_SessionKey"]; if ($u_type == "Admin") {$welcome = "an Administrator";} else {$welcome = "a Staff Member";} print ""; print ""; if ($UserType == 'Admin') { print ""; } $show_login = false; } else {$msg="Wrong Password";} } else {$msg="Username not found";} } else {$msg="Both username and password are required";} //-- Show Login Box //---------------------------------------- if ($show_login) { $login_cnt = ($login_cnt + 1); //-- List Staff //---------------------------------------- print "

"; print "Curriculum Home "; print "

Welcome, $firstname $lastname you are Logged on as $welcome.

"; include "include/mainpage.inc.php"; print "

To turn Admin tools off for this session only click here or click the A on the bottom right menu bar.

"; print ""; if ($login_cnt == 1) {print "";} else { print "";} print ""; print ""; print ""; print ""; print ""; print ""; //print "

Toolkit Login
$msg
Username:	"; print '\n"; print "
Password:

"; print " "; // Only show Create ID link to District //--------------------------------------- $my_ip_address = $_SERVER['REMOTE_ADDR']; if ($my_ip_address == $district_network_address) { print "Click here for Login Help or to Create an Account."; } print " "; } ?>