<?php
session_start();
// *** Validate request to login to this site.
//session_start();
// Report all PHP errors (bitwise 63 may be used in PHP 3)
error_reporting(E_ALL);
?>
<?php require_once('connection_name'); ?>
<?php
// *** Validate request to login to this site.
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
$GLOBALS['PrevUrl'] = $accesscheck;
session_register('PrevUrl');
}
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['pwd'];
$MM_fldUserAuthorization = "userGroup";
$MM_redirectLoginSuccess = "index.php";
$MM_redirectLoginFailed = "login_failed.php";
$MM_redirecttoReferrer = true;
mysql_select_db($database_name, $conn_name);
$LoginRS__query=sprintf("SELECT username, pwd, userGroup FROM tbl_users WHERE username='%s' AND pwd='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));
$LoginRS = mysql_query($LoginRS__query, $conn_newland) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = mysql_result($LoginRS,0,'userGroup');
//declare two session variables and assign them
$GLOBALS['MM_Username'] = $loginUsername;
$GLOBALS['MM_UserGroup'] = $loginStrGroup;
//register the session variables
session_register("MM_Username");
session_register("MM_UserGroup");
if (isset($_SESSION['PrevUrl']) && true) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: ". $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Newland Tours: Log In</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link href="css/newland.css" rel="stylesheet" type="text/css" />
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_findObj(n, d) { //v4.01
var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
if(!x && d.getElementById) x=d.getElementById(n); return x;
}

function MM_validateForm() { //v4.0
var i,p,q,nm,test,num,min,max,errors='',args=MM_validateForm.arguments;
for (i=0; i<(args.length-2); i+=3) { test=args[i+2]; val=MM_findObj(args[i]);
if (val) { nm=val.name; if ((val=val.value)!="") {
if (test.indexOf('isEmail')!=-1) { p=val.indexOf('@');
if (p<1 || p==(val.length-1)) errors+='- '+nm+' must contain an e-mail address.\n';
} else if (test!='R') { num = parseFloat(val);
if (isNaN(val)) errors+='- '+nm+' must contain a number.\n';
if (test.indexOf('inRange') != -1) { p=test.indexOf(':');
min=test.substring(8,p); max=test.substring(p+1);
if (num<min || max<num) errors+='- '+nm+' must contain a number between '+min+' and '+max+'.\n';
} } } else if (test.charAt(0) == 'R') errors += '- '+nm+' is required.\n'; }
} if (errors) alert('The following error(s) occurred:\n'+errors);
document.MM_returnValue = (errors == '');
}
//-->
</script>
</head>

<body>
<a href="#top"><img src="images/spacer.gif" alt="Skip to main page content." width="1" height="1" border="0" align="left" /></a>
<table width="750" border="0" cellpadding="3" cellspacing="0">
<tr>
<td><img src="images/banner_left.jpg" width="451" height="68" alt="Newland Tours Banner, Left" /></td>
<td width="280"><img src="images/banner_right.jpg" width="276" height="68" alt="Newland Tours Banner, Right" /></td>
</tr>
<tr>
<td><img src="images/navbar.gif" name="navbar" width="450" height="20" border="0" usemap="#navbarMap" alt="Navigation Bar" /></td>
<td><img name="copyright_bar" src="images/copyright_bar.gif" width="272" height="20" border="0" alt="Copyright 2004 Newland Tours" /></td>
</tr>
<tr>
<td colspan="2">
<h1><br />
<a name="top" id="top"></a>Please Log In</h1>
<form name="frm_login" id="frm_login" method="POST" action="<?php echo $loginFormAction; ?>">
<table width="95%" border="0" cellspacing="0" cellpadding="3">
<tr>
<td width="32%">Email Address </td>
<td width="68%"><input name="username" type="text" id="username" size="45" maxlength="55" /></td>
</tr>
<tr>
<td>Password</td>
<td><input name="pwd" type="password" id="pwd" maxlength="16" /></td>
</tr>
<tr>
<td>&nbsp;</td>
<td><input name="Submit" type="submit" onclick="MM_validateForm('username','','RisEmail','pwd','','R');return document.MM_returnValue" value="Submit" /></td>
</tr>
</table>
</form>
<p>If you don't already have an account, please <a href="register.php">register</a> for a free account.</p></td>
</tr>
</table>

<br />
<br />

<map name="navbarMap" id="navbarMap">
<area shape="rect" coords="1,0,62,20" href="index.php" alt="Home" />
<area shape="rect" coords="71,0,117,20" href="about.php" alt="About" />
<area shape="rect" coords="129,0,196,20" href="tours.php" alt="Find Tours" />
<area shape="rect" coords="209,0,311,20" href="profiles.php" alt="Country Profiles" />
<area shape="rect" coords="327,0,434,20" href="contact.php" alt="Contact An Agent" />
</map>
</body>
</html>