<?
session_start();
include("/var/www/html/root/functions/func.inc.php");
session_register("tendangky,matkhau,dangnhap,quyen");
$tendangky=testQuery(strtolower($HTTP_POST_VARS["user"]));
$matkhau=md5($HTTP_POST_VARS["password"]);
include("connect.php");
include("header.htm");
//echo $tendangky.$matkhau;
    $sql="select account,bin(quyen) as quyen ,donvi from user_account where password='$matkhau' and account='$tendangky'";
    // echo $sql;
    $rs=mysql_query($sql);
    $num_rows=mysql_num_rows($rs);
    if($num_rows==1)
	{
	$row6=mysql_fetch_array($rs);
//	$url="http://".$row6["donvi"].".hcmuaf.edu.vn/";
	$url="http://".$_SERVER['SERVER_NAME'];
	header("location:$url");
	$_SESSION["tendangky"]=$tendangky;
	$_SESSION["quyen"]=$row6["quyen"];
	$_SESSION["dangnhap"]=true;
	}
	else
	{
//	echo "sai mat khau";
	include("login.htm");
	}
mysql_close();
?>