Your IP : 216.73.216.26
<?php
$title= "Transaction Password";
include 'header.php';
$uid = $_SESSION['userid'];
if(isset($_POST['transaction_password'])){
$transaction_password = $_POST['transaction_password'];
$url = $_POST['url'];
$result = mysqli_query($connection, "SELECt uid FROM user WHERE uid = '$uid' AND transaction_password = '$transaction_password' AND status=0 ");
if(mysqli_num_rows($result)){
$_SESSION['e_wallet'] = $uid;
redirect($url);
die();
}
else{
setMessage('Transaction password incorrect', 'alert-msg error');
redirect('./transaction_password.php?url='.$url);
die();
}
}
?>
<style type="text/css">
#comments label{
width: 220px;
}
</style>
<h1>Transaction Password</h1>
<section id="comments">
<?php echo getMessage();?>
<form name="form" id="form" action="transaction_password.php" method="post">
<p>
<label for="transaction_password">Transaction Password <span>*</span></label>
<input type="password" name="transaction_password" id="transaction_password" required="required" maxlength="20">
</p>
<p><br />
<input type="hidden" name="url" value="<?php if(isset($_GET['url'])){echo $_GET['url'];}?>" />
<input style="position: relative; left: 200px;" name="submit" type="submit" id="submit" value="Submit">
</p>
</form>
</section>
<?php include 'footer.php';?>