alert ('Input ".$value."'); history.back(); "; exit(); } } checknull($userStaff,"userStaff"); checknull($passwordStaff,"passwordStaff"); $sql = "select nameStaff, staffCode, idDepartment, permissionStaff, position from staffCode where userStaff = '$userStaff' and passwordStaff = '$passwordStaff'"; $result = mysql_query($sql) or die("Select DB_StaffCode Error"); $row = mysql_fetch_array($result); $checkUser = mysql_num_rows($result); $nameStaff = $row['nameStaff']; $staffCode = $row['staffCode']; $idDepartment = $row['idDepartment']; $permissionStaff = $row['permissionStaff']; $position = $row['position']; if($checkUser == null){ echo ""; exit(); }else{ $_SESSION["staffId"] = $staffCode; $_SESSION["staffName"] = $nameStaff; $_SESSION["staffUser"] = $userStaff; $_SESSION["staffDepartment"] = $idDepartment; $_SESSION["staffPermission"] = $permissionStaff; $_SESSION["staffPosition"] = $position; //$_SESSION["timeSession"] = time() + 300; session_write_close(); if($idDepartment == '0'){ echo ""; exit(); }else{ echo ""; exit(); } } ?>