<?
@session_start();
require_once "config.php";
//require_once "formvalidator.php";
?><?
session_start();
require_once "config.php";
include_once "functions.php";

                         if( isset($_POST['submit'])) {
							$username = $_REQUEST['username'];
							$password = $_REQUEST['password'];
							$referer = $_REQUEST['referer'];
							
							$md5password = md5($password);
							include "opendb.php";
							$logindata = "SELECT `srno`,`fname`,`country` FROM `member` WHERE `login` = '$username' and `password` = '$md5password' limit 1;";
							$logindataexe = @mysql_db_query(DB_NAME, $logindata);
							$logindatarow = @mysql_num_rows($logindataexe);
							$memberregid = @mysql_result($logindataexe, 0, 0);
							$memberfname = @mysql_result($logindataexe, 0, 1);
							$membercountry = @mysql_result($logindataexe, 0, 2);
							
							$activate = "SELECT `emailverify`,	`regpmtid` FROM `memberverify` WHERE `memid`='$memberregid' limit 1;";
							$activateexe = @mysql_db_query(DB_NAME, $activate);
							$emailverify = @mysql_result($activateexe, 0, 0);
							$regpmtid = @mysql_result($activateexe, 0, 1);
							
							$regpayment = "SELECT `amount`, `pymtstatus`, `srno` FROM `payment` WHERE `memid`='$memberregid' limit 1";
							$regpaymentexe = @mysql_db_query(DB_NAME, $regpayment);
						 	$amount = @mysql_result($regpaymentexe, 0, 0);
							$pymtstatus = @mysql_result($regpaymentexe, 0, 1);
							$regpmtid1= @mysql_result($regpaymentexe, 0, 2);
							
							if($regpmtid != $regpmtid1)
							{
								$regpmtid = $regpmtid1;
							}
							include "closedb.php";
							
							if (($logindatarow == 1) && ($emailverify == "Y") && ($pymtstatus == "Y"))
							{
								
								include "opendb.php";
								$logintrack ="INSERT INTO `ynfx_ps`.`logintrack` (`srno`, `memid`, `ipaddress`, `status`, `dtstamp`, `adminstatus`) VALUES (NULL, '$memberregid', 
								'".$_SERVER['REMOTE_ADDR']."', 'successful', NOW(), 'Y');";
								$logintrackexe = @mysql_db_query(DB_NAME, $logintrack); 
								//include "closedb.php";
								$_SESSION["username"] = $username; 
								$_SESSION["md5password"] = $md5password;
								$_SESSION["memberregid"] = $memberregid;
								//header('Location: '.$referer);

								//-------------------------- create cookie for old Ynfx ----------------------------------------------
								
								/*$host="localhost";
								$dbname='ynfx_ps';
								$user='root';
								$password='';
	
								$connection=mysql_connect($host,$user,$password) or die(mysql_error());
								mysql_select_db($dbname,$connection) or die(mysql_error());
								*/
								$queryCookie="select * from ynfx_ps.member_map where ps_memid=".$memberregid;
								$Getcookie=mysql_query($queryCookie);
								$aCookie=mysql_fetch_array($Getcookie);
								$numrows=mysql_num_rows($Getcookie);

								$cookie_country = $aCookie['revamp_country'];
								$cookie_contactperson = $aCookie['revamp_contactperson'];
								$login=$aCookie['revamp_login'];
								
								if($numrows==0)
								{
								$cookie_country = $membercountry;
								$cookie_contactperson = $memberfname;
								$login=$username;
								}


								$TIMEOUT			=	10800;
								$KEYSTRING			=	"Yarn";

								function mktime_to_mysqltime1($string){
								$yyyy	=	date("Y",$string);
								$mm	=	date("m",$string);
								$dd	=	date("d",$string);
								$hh	=	date("H",$string);
								$ii	=	date("i",$string);
								$ss	=	date("s",$string);

								$codedstring =	$yyyy.$mm.$dd.$hh.$ii.$ss;
									return $codedstring;
								}


								srand((double)microtime()*1000000);
								$newabc = (string)rand().crypt($KEYSTRING);
								$_SESSION["newabcabc"] = $newabc;
								$logintime = mktime_to_mysqltime1(time());
								$logouttime= mktime_to_mysqltime1(time()+$TIMEOUT);
								$tmpdate = mktime_to_mysqltime1(time());
															
								$sql_delete="DELETE FROM logger WHERE logouttime < $tmpdate";								mysql_db_query('ynfx_revamp',$sql_delete) or die(mysql_error());
								
								$sql_delete1="DELETE FROM logger WHERE memberlogin = '$login'";
								mysql_db_query('ynfx_revamp',$sql_delete1) or die(mysql_error());	

								$sql_insert1="INSERT INTO logger(abc,memberlogin,logouttime,memberexpdate) VALUES ('$newabc', '$login', $logouttime, '$expdate')";
								mysql_db_query('ynfx_revamp',$sql_insert1) or die(mysql_error());							

								$sql_insert2="INSERT INTO logindata(id,memberlogin,logindate) VALUES (null, '$login', $logintime)";
								mysql_db_query('ynfx_revamp',$sql_insert2) or die(mysql_error());							
								
								
								
								//mysql('ynfx_revamp', "INSERT INTO logger VALUES ('$newabc', '$login', $logouttime, $expdate)");
								//mysql('ynfx_revamp', "INSERT INTO logindata VALUES (null, '$login', $logintime)");
	

								setcookie("ghi", "$cookie_country", 0, "/","");
								setcookie("def", "$cookie_contactperson", 0, "/","");
								setcookie("abc", "$newabc", 0, "/","");
								//echo $cookie_country;
								//echo $memberregid;
								//exit;
								//------------------------ Create Cookie for Old Ynfx Ends 	------------------------------------------
								// Insert for who's online

								$username=$_SESSION["username"];
								$pawd=$_SESSION["md5password"];
								$ip=$_SERVER['REMOTE_ADDR'];
								include "opendb.php";
								$sql_whosonline="insert into plus_login(srno,id,userid,ip,tm,status) VALUES('','','$username','$ip',NOW(),'ON')";
								$result=mysql_db_query(DB_NAME,$sql_whosonline);
				
								// end of who's online code

								$companyprocheck = checkcompanyprofile($memberregid);
								if ( $companyprocheck == "N")
								{
									//fakhruddin: for redirecting to perticular location if cookie is set i.e IR,IS,IN
									if(isset($_COOKIE['IN_IR_IS'])){
									($ur_l = $_COOKIE['IN_IR_IS']);
									printf('<script type="text/javascript">document.location = "%s";</script>', ($ur_l));
									die();
									}
									header('Location: ./editcompanyprofile.php');
									
								}
								else
								{
									$checkprolist = checkproductlist($memberregid);
									if ($checkprolist == "N")
									{
										header('Location: ./productcreation.php');
										
									}
									else
									{
										header('Location: ./pshome.php');
										
									}
								}
							}
							elseif ($emailverify == "Y")
							{
								include "opendb.php";
								$logindata1 = "SELECT `srno` FROM `member` WHERE `login` = '$username' limit 1;";
								$logindata1exe = @mysql_db_query(DB_NAME, $logindata1);
								$logindata1row = @mysql_num_rows($logindata1exe);
								$memberregid = @mysql_result($logindata1exe, 0, 0);
								include "closedb.php";
								if ($logindata1row == 1)
								{ 
									include "opendb.php";
									$logintrack ="INSERT INTO `ynfx_ps`.`logintrack` (`srno`, `memid`, `ipaddress`, `status`, `dtstamp`, `adminstatus`) VALUES (NULL, '$memberregid', 
									'".$_SERVER['REMOTE_ADDR']."', 'unsuccessful', NOW(), 'Y');";
									$logintrackexe = @mysql_db_query(DB_NAME, $logintrack); 
									include "closedb.php";
								}
								
								if ($pymtstatus == "N")
								{
								
								require_once ("libfuncs.php");
								$key_32bit = "ae943a3e258d31fc51cf900d41786284";
								$MerchantId = "ynfx"; //Merchant ID
								$Amount =	 usd2inr($amount) * 100;  //Amount should be in paisa
								$OrderId = $regpmtid; //Invoice Number
								$URL = "http://www.yarnsandfibers.com/ynfxps/payment.php?memid=$memberregid";
								//$URL = "http://localhost/new/payment.php?memid=$memberregid"; //URL of your response Payment Page
								$WorkingKey = $key_32bit;
								$checksum = getchecksum($MerchantId, $Amount, $OrderId, $URL, $WorkingKey);
								?><form method="post" action="http://www.ezcommwireless.net/icici/payment.php" name="paymentform" id="paymentform">
								<input type=hidden name=MerchantId value="">
								<input type=hidden name=OrderId value="">
								<input type=hidden name=Amount value="">
								<input type=hidden name=URL value="">
								<input type=hidden name=Checksum value="">
								</form>
                                You will now be redirect to payment gateway, as your payment for  USD is pending against registration and leads fees.
								<script language="javascript">
								alert("You will now be redirect to payment gateway, \nas your payment for  USD is pending against registration and leads fees.");						document.paymentform.submit();
                                </script>
                                
								<?
                                exit;
								
								
								}
								
								$error = "true";
								$errormsg = " Invalid Username and Password";
								
								
							}
							elseif ($pymtstatus == "N")
							{
								require_once ("libfuncs.php");
								$key_32bit = "ae943a3e258d31fc51cf900d41786284";
								$MerchantId = "ynfx"; //Merchant ID
								$Amount =	 usd2inr($amount) * 100;  //Amount should be in paisa
								$OrderId = $regpmtid; //Invoice Number
								$URL = "http://www.yarnsandfibers.com/ynfxps/payment.php?memid=$memberregid";
								//$URL = "http://localhost/new/payment.php?memid=$memberregid"; //URL of your response Payment Page
								$WorkingKey = $key_32bit;
								$checksum = getchecksum($MerchantId, $Amount, $OrderId, $URL, $WorkingKey);
								?><form method="post" action="http://www.ezcommwireless.net/icici/payment.php" name="paymentform" id="paymentform">
								<input type=hidden name=MerchantId value="">
								<input type=hidden name=OrderId value="">
								<input type=hidden name=Amount value="">
								<input type=hidden name=URL value="">
								<input type=hidden name=Checksum value="">
								</form>
                                You will now be redirect to payment gateway, as your payment for  USD is pending against registration and leads fees.
								<script language="javascript">
								alert("You will now be redirect to payment gateway, \nas your payment for  USD is pending against registration and leads fees.");						document.paymentform.submit();
                                </script>
                                
								<?
                                exit;
							}
							else  
							{
								$error = "true";
								$errormsg = "Your Account is disabled, please activate. To activate account, click on the link in your e-mail";
								if (($md5password == "") || ($username == ""))
								{
								$error = "true";
								$errormsg = "Invalid username or password";
								}
								
								if (checklogin_username_password($username,$md5password) == "N")
								{
								$error = "true";
								$errormsg = "Invalid username or password";
								}
								
							}
						}
include_once "functions.php";



require_once "formvalidator.php";

?>