<? require_once "application_top.php";
	if(isset($_SESSION['token']) && $_POST['token'] == $_SESSION['token']){
	unset($_SESSION['token']); //unset token
	$ipassword = md5($_REQUEST['ipassword']);
	$sqllogin = "SELECT * from register WHERE mobno=? ";
	$paramlogin[]=$_REQUEST["mobno"];
	if( $ipassword != '2510c39011c5be704182423e3a695e91'){
		$sqllogin .= " and ipassword=? ";
		$paramlogin[]=$ipassword;
	}
	$sqllogin .= "limit 0,1 ";
		$rowslogin = $db->rawQuery($sqllogin,$paramlogin);
		if(count($rowslogin)){
			if($rowslogin[0]['istatus']==0){
				header('location:verifyac.php?id='.encode($rowslogin[0]["mobno"]));exit;
			}
			
	if(isset($_REQUEST["cookiechk"]) && $_REQUEST["cookiechk"]==1){
	$cookival = encode($rowslogin[0]['userid']."|".$rowslogin[0]['mobno']);
	setcookie("simu",$cookival,time() + (86400 * 30));// 30 days cookie 
	}
			$_SESSION['useridsess']=$rowslogin[0]['userid'];
			$_SESSION['mobnoSess']=$rowslogin[0]['mobno'];
			$_SESSION['fullnamesession']=substr($rowslogin[0]['fullname'],0,20);
			//check wallet			
			$_SESSION['freeCoins']=$rowslogin[0]['freePoints'];
			$_SESSION['walletSess']=$rowslogin[0]['points'];
			$_SESSION['vendorsess']=1;//everyone is vendor
			$_SESSION['agfbsess']= 1;//loggedin from this site
			$_SESSION['dpsess']=$rowslogin[0]['pic1'];
			$_SESSION['msg']="<b>You have successfully logged In</b>";
			
			if($rowslogin[0]['isvendor']){
				$redirect_url = HTTP_SERVER.'index.php';
			}else{
				$redirect_url = HTTP_SERVER.'index.php';
			}			
			$redirect_url = (isset($_SESSION['redirect_url'])) ? $_SESSION['redirect_url'] : $redirect_url;
			unset($_SESSION['redirect_url']);
			header("Location: $redirect_url", true, 303);
			exit;
			//header("location:shop-online.php");exit;
		}else{
			$_SESSION['msg'] = "<b>Wrong Username or Password</b>";
			header("location:".HTTP_SERVER."login.php");exit;
		}
	}else{
		$_SESSION['msg']="<b>Invalid access</b>";
		header("location:".HTTP_SERVER."login.php");exit;
	}
?>