} ?>
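// Login handler. Runs when $task is "login_try": looks the user up by login and
// MD5 password hash, rejects disabled or inactive accounts, then stores the user
// id in the session and redirects into the physician portal.
//
// NOTE(review): $task, $login, $password, $default_contact and $mysql_conn are not
// assigned anywhere in this view -- presumably set by earlier code or the includes.
// Confirm they are not populated straight from the request (register_globals/extract()).
// NOTE(review): both includes are .inc files under DOCUMENT_ROOT. Confirm the web
// server refuses to serve *.inc, otherwise their source can be fetched as plain text.
include_once($_SERVER['DOCUMENT_ROOT'] . 'inc/mysql_connect.inc');
include_once($_SERVER['DOCUMENT_ROOT'] . 'inc/subs.inc');

if ($task == "login_try") {
    // SECURITY(review): unsalted MD5 is not a password hash; a leaked user table can
    // be cracked offline cheaply. Moving to password_hash()/password_verify() needs a
    // schema change and a rehash-on-login migration, so it is only flagged here.
    $md5_password = md5($password);

    // SECURITY(review): the query is built by string concatenation. strnull() is defined
    // outside this view and its quoting/escaping cannot be verified from here -- confirm
    // it escapes for this connection. The mysql_* extension has no prepared statements
    // (and was removed in PHP 7); a port to mysqli/PDO should bind these values instead.
    $sql = "select * from user where login=" . strnull($login) . " and md5_password=" . strnull($md5_password);
    $res = mysql_query($sql, $mysql_conn);

    // A failed query returns false; treat it as "no such user" rather than handing
    // false to mysql_fetch_assoc(), which would emit a warning.
    $user_row = $res ? mysql_fetch_assoc($res) : false;

    if (!empty($user_row)) {
        // A user may be linked to a sales rep, doctor and/or distributor record.
        // Any linked record that is disabled or not active blocks the login.
        $auth_salesrep_row = get_salesrep_row($user_row["USER_ID"], "user_id");
        if (!empty($auth_salesrep_row) && $auth_salesrep_row["ENABLED_FLAG"] == 'N') {
            $msg = "Your account has been disabled. Please contact $default_contact";
            $invalid_login = 1;
        }

        $auth_doctor_row = get_doctor_row($user_row["USER_ID"], "user_id");
        if (!empty($auth_doctor_row) && $auth_doctor_row["STATUS"] != 'active') {
            $msg = "Your account is not yet active. Please contact $default_contact";
            $invalid_login = 1;
        }

        $auth_distributor_row = get_distributor_row($user_row["USER_ID"], "user_id");
        if (!empty($auth_distributor_row) && $auth_distributor_row["STATUS"] != 'active') {
            $msg = "Your account is not yet active. Please contact $default_contact";
            $invalid_login = 1;
        }

        // $invalid_login is only ever set to 1 above and is not initialised in this
        // view; empty() keeps the original truthiness test without an undefined-variable notice.
        if (empty($invalid_login)) {
            // Issue a fresh session id at the privilege change so an id planted or
            // observed before authentication cannot be reused afterwards (session fixation).
            if (session_id() !== '') {
                session_regenerate_id(true);
            }

            $AuthID = $user_row['USER_ID'];
            $_SESSION['AuthID'] = $AuthID;

            // The id is interpolated unquoted, so force it to an integer in the statement.
            $sql = "update user set last_login_date=now() where user_id=" . (int) $AuthID;
            $res = mysql_query($sql, $mysql_conn);

            // Doctors with an incomplete profile are sent to the account page first.
            if ($auth_doctor_row) {
                if (!$auth_doctor_row['FIRST_NAME'] || !$auth_doctor_row['LAST_NAME'] || !$auth_doctor_row['ADDRESS1']
                    || !$auth_doctor_row['CITY'] || !$auth_doctor_row['EMAIL'] || !$auth_doctor_row['WORK_PHONE']) {
                    header("Location: /physician_portal/my_account.html?u-p=1&msg=" . urlencode("Please fill out the required information below to complete the sign in process."));
                    exit;
                }
            }

            // NOTE(review): UserSecurity::GetRedirect() is defined elsewhere. If its value
            // can be influenced by the request, confirm it is limited to same-site paths
            // before it is used as a Location target (open redirect).
            if ($redirectUrl = UserSecurity::GetRedirect()) {
                header("Location: $redirectUrl");
            } else {
                header("Location: /physician_portal/landing.html");
            }
            exit;
        } else {
            // Credentials matched but the account is blocked: drop the session and
            // clear $task ($msg was set by the failing check above).
            session_unset();
            session_destroy();
            unset($task);
        }
    } else {
        // One generic message for unknown login and wrong password, so the response
        // does not reveal which of the two was wrong.
        $msg = "Invalid username or password. \nPlease try again or contact Iridex for help.";
        session_unset();
        session_destroy();
        unset($task);
    }
}
?>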