1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

<?php
$_SESSION['folder_name']="dplusresort";
$name_folder="dplusresort";
$_SESSION['dbname'] = "advicesi_dplus"; #  database 
$_SESSION[name_province]="korat"; // Province

$_SESSION['hostname']="localhost";
$_SESSION['user']="advicesi_1";
$_SESSION['passwd']="Ei0QBVMT7";

$_SESSION['web_width']="997";
$_SESSION['id_tumbon']="advicesi_dplus";
$_SESSION['filsh_width']="1024px";
$_SESSION['filsh_height']="350px";
// connection database
$handle=mysql_connect($_SESSION['hostname'],$_SESSION['user'],$_SESSION['passwd']) or die("connect to database fail");
$result1=mysql_select_db($_SESSION['dbname'],$handle) or die ("No");

$charset = "SET character_set_results=utf8";
$charset="SET NAMES 'utf8'";
mysql_query($charset) or die('Invalid query: ' . mysql_error());
echo"<meta http-equiv='Content-Type' content='text/html; charset=utf-8'>";

// ����� user ���������˹�ҹ��ҧ��� ���Է����˹�ҹ���������
if($_SESSION[username_]!="" or $_SESSION[password_]){
        $sqlx="select user,pass from cms_main_user where user='$_SESSION[username_]' and pass='$_SESSION[password_]'";
        $resultx=mysql_query($sqlx);
        $num = mysql_num_rows($resultx);
        if(($num>0) and ($_SESSION['web_name']!=$name_folder)){
                                    session_unregister("id_user_admin");
                                     session_unregister("name_post");
                                    session_unregister("name_email");
                                    session_unregister("username_");
                                    session_unregister("password_");
                                    session_unregister("admin_web");
                                    session_unregister("module_access");
            print "<meta http-equiv=refresh content=0;URL=index.php>";
        }
}
$_SESSION['web_name'] = $name_folder; # ���� web
?>