Hugo Roger Hugo Roger - 1 month ago 6
MySQL Question

Please help me set up this MySQL database properly

I am trying to move a DB to a new serve. My friend gave me the entire site and I uploaded to a server. He gave me a clean DB to avoid giving sensitive details. The site has a log in section, complete admin backend where I can populate the website for users to sign up but for some reason its missing a few things like my own admin access to the website and tables to give me access to the back end.

The database connected successfully. I am able to add users and values through the phpMyAdmin but I don't know how to give myself admin access. I have been reading a lot and spending a lot of time trying to figure this out. I can share some of the php code used to validate the log in access if needed.

Below is the code for the entire DB file I uploaded to the server. Any help is much appreciated.:

-- phpMyAdmin SQL Dump
-- version 4.0.10deb1
-- http://www.phpmyadmin.net
--
-- Host: localhost
-- Generation Time: Jul 21, 2016 at 02:03 PM
-- Server version: 5.5.49-0ubuntu0.14.04.1
-- PHP Version: 5.5.9-1ubuntu4.17

SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";


/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;

--
-- Database: `transportation`
--

-- --------------------------------------------------------

--
-- Table structure for table `tbl_3_vehicle_limit`
--

CREATE TABLE IF NOT EXISTS `tbl_3_vehicle_limit` (
`limit_id` int(11) NOT NULL AUTO_INCREMENT,
`soption` tinyint(4) NOT NULL,
`dept_id` varchar(4) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL,
`user_id` int(11) NOT NULL,
`from_date` date NOT NULL,
`to_date` date NOT NULL,
PRIMARY KEY (`limit_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=48 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_abandon_trips`
--

CREATE TABLE IF NOT EXISTS `tbl_abandon_trips` (
`abandon_id` bigint(20) NOT NULL AUTO_INCREMENT,
`abandon_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`notes` text NOT NULL,
`res_id` bigint(20) NOT NULL,
`user_id` int(11) DEFAULT NULL,
`mile_charges` double NOT NULL,
`calculate_fine` tinyint(1) NOT NULL DEFAULT '0',
`miles` smallint(6) NOT NULL DEFAULT '25',
PRIMARY KEY (`abandon_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1106 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_comment_log`
--

CREATE TABLE IF NOT EXISTS `tbl_comment_log` (
`comment_id` bigint(20) NOT NULL AUTO_INCREMENT,
`user_id` int(11) NOT NULL,
`comments` text COLLATE latin1_general_ci NOT NULL,
`comment_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`comment_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=2 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_departments`
--

CREATE TABLE IF NOT EXISTS `tbl_departments` (
`dept_id` varchar(4) COLLATE latin1_general_ci NOT NULL,
`dept_name` varchar(50) COLLATE latin1_general_ci NOT NULL,
`leader_f_name` varchar(15) COLLATE latin1_general_ci NOT NULL,
`leader_l_name` varchar(15) COLLATE latin1_general_ci NOT NULL,
`leader_phone` varchar(25) COLLATE latin1_general_ci NOT NULL,
`leader_email` varchar(150) COLLATE latin1_general_ci NOT NULL,
`reg_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`active` tinyint(1) NOT NULL DEFAULT '1',
`deactive_date` date DEFAULT NULL,
`dept_info` varchar(200) COLLATE latin1_general_ci NOT NULL,
PRIMARY KEY (`dept_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_driver_links_order`
--

CREATE TABLE IF NOT EXISTS `tbl_driver_links_order` (
`link_id` mediumint(9) NOT NULL,
`link_order` mediumint(9) NOT NULL,
`driver_login` tinyint(1) NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_global_settings`
--

CREATE TABLE IF NOT EXISTS `tbl_global_settings` (
`id` int(11) NOT NULL,
`leader_code` varchar(20) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_info_links`
--

CREATE TABLE IF NOT EXISTS `tbl_info_links` (
`link_id` mediumint(9) NOT NULL AUTO_INCREMENT,
`link_title` varchar(100) NOT NULL,
`link_text` text NOT NULL,
`link_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`link_order` tinyint(4) NOT NULL DEFAULT '1',
`link_display_page` varchar(25) NOT NULL,
`link_display_flag` char(1) DEFAULT NULL,
PRIMARY KEY (`link_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=30 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_log`
--

CREATE TABLE IF NOT EXISTS `tbl_log` (
`log_id` bigint(20) NOT NULL AUTO_INCREMENT,
`user_id` int(11) NOT NULL,
`login_datetime` datetime NOT NULL,
`logout_datetime` datetime NOT NULL,
`ip_address` varchar(16) NOT NULL,
PRIMARY KEY (`log_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=16735 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_reservations`
--

CREATE TABLE IF NOT EXISTS `tbl_reservations` (
`res_id` bigint(20) NOT NULL AUTO_INCREMENT,
`vehicle_id` bigint(20) NOT NULL,
`user_id` int(11) NOT NULL,
`planned_passngr_no` varchar(2) COLLATE latin1_general_ci NOT NULL,
`coord_approval` varchar(15) COLLATE latin1_general_ci NOT NULL DEFAULT 'Approved',
`planned_depart_day_time` datetime NOT NULL,
`planned_return_day_time` datetime NOT NULL,
`overnight` tinyint(1) NOT NULL,
`childseat` tinyint(1) NOT NULL,
`destination` varchar(100) COLLATE latin1_general_ci NOT NULL,
`reservation_cancelled` tinyint(1) NOT NULL DEFAULT '0',
`reg_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`cancelled_by_driver` tinyint(1) NOT NULL DEFAULT '0',
`driver_cancelled_time` datetime DEFAULT NULL,
`key_no` varchar(4) COLLATE latin1_general_ci DEFAULT NULL,
`card_no` varchar(8) COLLATE latin1_general_ci DEFAULT NULL,
`billing_dept` varchar(4) COLLATE latin1_general_ci NOT NULL,
`assigned_driver` int(11) NOT NULL,
`repeating` tinyint(1) NOT NULL DEFAULT '0',
`res_delete_user` bigint(20) DEFAULT NULL,
`res_delete_datetime` datetime DEFAULT NULL,
`no_cost` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`res_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=18416 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_restricted_charges`
--

CREATE TABLE IF NOT EXISTS `tbl_restricted_charges` (
`charge_id` int(11) NOT NULL AUTO_INCREMENT,
`vehicle_id` int(11) NOT NULL,
`charge_month` varchar(2) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL,
`charge_year` char(4) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL,
`dept_id` varchar(4) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL,
`calc_method` varchar(50) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL,
`total_charge` double NOT NULL,
`begin_mileage` varchar(7) CHARACTER SET latin1 COLLATE latin1_general_ci DEFAULT NULL,
`end_mileage` varchar(7) CHARACTER SET latin1 COLLATE latin1_general_ci DEFAULT NULL,
`rate` double DEFAULT NULL,
`reg_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`charge_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=745 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_shop_tasks`
--

CREATE TABLE IF NOT EXISTS `tbl_shop_tasks` (
`task_id` bigint(20) NOT NULL AUTO_INCREMENT,
`user_id` int(11) NOT NULL,
`vehicle_id` int(11) NOT NULL,
`miles_reading_tech` varchar(7) COLLATE latin1_general_ci NOT NULL,
`last_mileage` varchar(7) COLLATE latin1_general_ci NOT NULL,
`work_type_id` tinyint(4) NOT NULL,
`work_start_date` date NOT NULL,
`next_oil` date NOT NULL,
`total_cost` double NOT NULL,
`parts_source` varchar(255) COLLATE latin1_general_ci NOT NULL,
`drive_test_done` tinyint(1) NOT NULL,
`task_complete` tinyint(1) NOT NULL,
`tech_comments` text COLLATE latin1_general_ci NOT NULL,
`reg_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`invoice_no` varchar(50) COLLATE latin1_general_ci NOT NULL,
`vendor_name` varchar(50) COLLATE latin1_general_ci NOT NULL,
PRIMARY KEY (`task_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=40 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_special_notice`
--

CREATE TABLE IF NOT EXISTS `tbl_special_notice` (
`notice_id` int(11) NOT NULL AUTO_INCREMENT,
`notice_date` datetime NOT NULL,
`user_id` int(11) NOT NULL,
`notice_title` varchar(255) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL,
`notice` text CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL,
PRIMARY KEY (`notice_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_srvc_resvs`
--

CREATE TABLE IF NOT EXISTS `tbl_srvc_resvs` (
`srvc_id` int(11) NOT NULL AUTO_INCREMENT,
`reg_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`vehicle_id` int(11) NOT NULL,
`from_date` datetime DEFAULT NULL,
`to_date` datetime DEFAULT NULL,
`is_cancelled` tinyint(1) NOT NULL DEFAULT '0',
`service_type` varchar(15) NOT NULL,
PRIMARY KEY (`srvc_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=235 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_srvc_resvs_details`
--

CREATE TABLE IF NOT EXISTS `tbl_srvc_resvs_details` (
`srvc_id` int(11) NOT NULL,
`res_id` bigint(20) NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_temp_mass_emails`
--

CREATE TABLE IF NOT EXISTS `tbl_temp_mass_emails` (
`email_id` varchar(250) NOT NULL,
`driver_name` varchar(50) NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_trip_details`
--

CREATE TABLE IF NOT EXISTS `tbl_trip_details` (
`trip_id` bigint(20) NOT NULL AUTO_INCREMENT,
`res_id` bigint(20) NOT NULL,
`begin_mileage` varchar(7) COLLATE latin1_general_ci NOT NULL,
`end_mileage` varchar(7) COLLATE latin1_general_ci NOT NULL,
`end_gas_percent` varchar(4) COLLATE latin1_general_ci NOT NULL,
`problem` tinyint(1) NOT NULL,
`desc_problem` text COLLATE latin1_general_ci NOT NULL,
`reg_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`mile_charges` double NOT NULL,
`user_id` int(11) DEFAULT NULL,
PRIMARY KEY (`trip_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=13155 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_user`
--

CREATE TABLE IF NOT EXISTS `tbl_user` (
`user_id` int(11) NOT NULL AUTO_INCREMENT,
`f_name` varchar(20) COLLATE latin1_general_ci NOT NULL,
`l_name` varchar(20) COLLATE latin1_general_ci NOT NULL,
`dept_id` varchar(4) COLLATE latin1_general_ci NOT NULL,
`phone` varchar(25) COLLATE latin1_general_ci NOT NULL,
`birth_date` date NOT NULL,
`license_no` varchar(20) COLLATE latin1_general_ci NOT NULL,
`license_state` varchar(15) COLLATE latin1_general_ci NOT NULL,
`license_expire` date NOT NULL,
`email` varchar(150) COLLATE latin1_general_ci NOT NULL,
`password` varchar(255) COLLATE latin1_general_ci DEFAULT NULL,
`drive_tested` varchar(30) COLLATE latin1_general_ci NOT NULL,
`test_date` date NOT NULL,
`end_permit` date NOT NULL,
`home_st_country` varchar(30) COLLATE latin1_general_ci NOT NULL,
`active` tinyint(1) NOT NULL DEFAULT '0',
`status_date` datetime DEFAULT NULL,
`user_group` tinyint(4) NOT NULL,
`user_type` varchar(20) COLLATE latin1_general_ci NOT NULL,
`photo` varchar(255) COLLATE latin1_general_ci NOT NULL,
`photo_link` varchar(255) COLLATE latin1_general_ci NOT NULL,
`comment` varchar(300) COLLATE latin1_general_ci NOT NULL,
`reg_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`permit_type` varchar(5) COLLATE latin1_general_ci NOT NULL DEFAULT 'First',
`renew_date` date DEFAULT NULL,
`renew_text` varchar(200) COLLATE latin1_general_ci DEFAULT NULL,
`new_user` tinyint(1) NOT NULL DEFAULT '0',
`driver_permission` tinyint(1) NOT NULL DEFAULT '0',
`license_country` varchar(60) COLLATE latin1_general_ci NOT NULL,
`max_passengers` int(11) NOT NULL DEFAULT '15',
PRIMARY KEY (`user_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=1695 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_user_comments`
--

CREATE TABLE IF NOT EXISTS `tbl_user_comments` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`posting_user_id` int(11) NOT NULL,
`about_user_id` int(11) NOT NULL,
`comments_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`comments` text NOT NULL,
`trip_id` bigint(20) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=248 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_user_group`
--

CREATE TABLE IF NOT EXISTS `tbl_user_group` (
`group_id` tinyint(4) NOT NULL AUTO_INCREMENT,
`group_name` varchar(50) COLLATE latin1_general_ci NOT NULL,
PRIMARY KEY (`group_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=7 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_vehicles`
--

CREATE TABLE IF NOT EXISTS `tbl_vehicles` (
`vehicle_id` int(11) NOT NULL AUTO_INCREMENT,
`user_id` int(11) NOT NULL,
`vehicle_no` varchar(12) COLLATE latin1_general_ci NOT NULL,
`vin_no` varchar(20) COLLATE latin1_general_ci NOT NULL,
`oil_filter` varchar(20) COLLATE latin1_general_ci NOT NULL,
`safety_date` date NOT NULL,
`registration_date` date NOT NULL,
`lic_plate_no` varchar(50) COLLATE latin1_general_ci NOT NULL,
`make_id` tinyint(4) NOT NULL,
`model` tinyint(4) NOT NULL,
`year_manuf` char(4) COLLATE latin1_general_ci NOT NULL,
`mileage_un` varchar(7) COLLATE latin1_general_ci NOT NULL,
`date_to_un` date NOT NULL,
`cost_to_un` double NOT NULL,
`cost_rate` double NOT NULL,
`passenger_cap` varchar(2) COLLATE latin1_general_ci NOT NULL,
`condition_tech` varchar(50) COLLATE latin1_general_ci NOT NULL,
`restriction` varchar(150) COLLATE latin1_general_ci NOT NULL,
`issues` varchar(255) COLLATE latin1_general_ci NOT NULL,
`active` tinyint(1) NOT NULL,
`restricted` tinyint(1) NOT NULL,
`date_revised` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`sold` tinyint(1) NOT NULL DEFAULT '0',
`sold_date` date DEFAULT NULL,
`admin_issues` text COLLATE latin1_general_ci NOT NULL,
PRIMARY KEY (`vehicle_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=95 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_vehicle_brand`
--

CREATE TABLE IF NOT EXISTS `tbl_vehicle_brand` (
`brand_id` tinyint(4) NOT NULL AUTO_INCREMENT,
`brand_name` varchar(255) COLLATE latin1_general_ci NOT NULL,
PRIMARY KEY (`brand_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=6 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_vehicle_comments`
--

CREATE TABLE IF NOT EXISTS `tbl_vehicle_comments` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`posting_user_id` int(11) NOT NULL,
`vehicle_id` int(11) NOT NULL,
`comment_date` int(11) NOT NULL,
`comment_type` varchar(25) NOT NULL,
`comments` varchar(300) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_vehicle_type`
--

CREATE TABLE IF NOT EXISTS `tbl_vehicle_type` (
`v_type_id` tinyint(4) NOT NULL AUTO_INCREMENT,
`v_type` varchar(255) COLLATE latin1_general_ci NOT NULL,
`capacity` tinyint(4) NOT NULL,
PRIMARY KEY (`v_type_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=8 ;

-- --------------------------------------------------------

--
-- Table structure for table `tbl_work_type`
--

CREATE TABLE IF NOT EXISTS `tbl_work_type` (
`work_type_id` tinyint(4) NOT NULL AUTO_INCREMENT,
`work_type` varchar(255) COLLATE latin1_general_ci NOT NULL,
PRIMARY KEY (`work_type_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=13 ;

-- --------------------------------------------------------

--
-- Stand-in structure for view `VW_DELETABLE_USER_LIST`
--
CREATE TABLE IF NOT EXISTS `VW_DELETABLE_USER_LIST` (
`user_id` int(11)
,`f_name` varchar(20)
,`l_name` varchar(20)
,`dept_name` varchar(50)
,`group_name` varchar(50)
,`reg_date` timestamp
,`res_id` bigint(20)
,`res_reg_date` timestamp
);
-- --------------------------------------------------------

--
-- Stand-in structure for view `VW_DELETABLE_USER_LIST_SUB`
--
CREATE TABLE IF NOT EXISTS `VW_DELETABLE_USER_LIST_SUB` (
`user_id` int(11)
,`res_id` bigint(20)
,`reg_date` timestamp
);
-- --------------------------------------------------------

--
-- Structure for view `VW_DELETABLE_USER_LIST`
--
DROP TABLE IF EXISTS `VW_DELETABLE_USER_LIST`;
-- in use(#1142 - SHOW VIEW command denied to user 'transport'@'localhost' for table 'VW_DELETABLE_USER_LIST')

-- --------------------------------------------------------

--
-- Structure for view `VW_DELETABLE_USER_LIST_SUB`
--
DROP TABLE IF EXISTS `VW_DELETABLE_USER_LIST_SUB`;
-- in use(#1142 - SHOW VIEW command denied to user 'transport'@'localhost' for table 'VW_DELETABLE_USER_LIST_SUB')

/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;


Code to process the log in goes as:

if(isset($_POST["action"]) && $_POST["action"]=="login"){

$sUserName = $_POST["txtemail"];
$sPassword = $_POST["txtpassword"];
$iGROUP = $_POST["drpusergroup"];

if(isset($_POST["drpleaderdepts"]) && $_POST["drpleaderdepts"]!="") $iDEPT_ID = $_POST["drpleaderdepts"];

//$sLoginSQL = "select user_id, email, user_group from tbl_user where email = '".$sUserName."' and password = '".$sPassword."' and user_group = ".$iGROUP." and active = 1";
//if($iGROUP==$iGROUP_DRIVER || $iGROUP==$iGROUP_COORDINATOR_STAFF){
$sLoginSQL = "SELECT user_id FROM tbl_user WHERE email = '".$sUserName."' AND BINARY password = '".$sPassword."' AND user_group = ".$iGROUP;
$iRsLogin = mysql_query($sLoginSQL) or die(mysql_error());
if (mysql_num_rows($iRsLogin)<=0){
$sMessage = fn_Print_MSG_BOX("<li>Error!!! invalid login information, please try again.", "C_ERROR");
$bDRIVER_ERR_TITLE = "Invalid Information!";
$bDRIVER_ERR_MSG = "Your username or password is invalid, please try again.";
$bDRIVER_INACTIVE_ERR = true;

}else{
list($iUSER_ID) = mysql_fetch_row($iRsLogin);
$sSQL = "SELECT active, new_user FROM tbl_user WHERE user_id = ".$iUSER_ID;
$rsDRIVER = mysql_query($sSQL) or die(mysql_error());

if(mysql_num_rows($rsDRIVER)>0){

list($bACTIIVE, $bNEW_DRIVER) = mysql_fetch_row($rsDRIVER);

if($bACTIIVE==0 && $bNEW_DRIVER==1){ //DRIVER IS new
$bDRIVER_ERR_TITLE = "Not an approved account!";
$bDRIVER_ERR_MSG = "You are not yet been approved from Administration, please contact to Transportation Office";
$bDRIVER_INACTIVE_ERR = true;
$sMessage = fn_Print_MSG_BOX("<li>Error!!! You are not yet been approved from Administration, please contact to Transportation Office", "C_ERROR");
}elseif($bACTIIVE==0 && $bNEW_DRIVER==0){ //DRIVER is inactive

$bDRIVER_ERR_TITLE = "Inactive Account!";
if($iGROUP==$iGROUP_DRIVER || $iGROUP==$iGROUP_COORDINATOR_STAFF){
$bDRIVER_ERR_MSG = "Your account has been suspended...<br />you may need to change your home department..<br />contact transportation Office for more information";
$sMessage = fn_Print_MSG_BOX("<li>Error!!! Your account has been suspended...you may need to change your home department..<br />contact transportation Office for more information", "C_ERROR");
}else{
$bDRIVER_ERR_MSG = "Your account has been suspended...<br />contact administration for more information";
$sMessage = fn_Print_MSG_BOX("<li>Error!!! Your account has been suspended...<br />contact administration for more information", "C_ERROR");
}
$bDRIVER_INACTIVE_ERR = true;
}elseif($bACTIIVE==1 && $bNEW_DRIVER==0){


$_SESSION["User_ID"] = $iUSER_ID;
$_SESSION["User_Name"] = $sUserName;
$_SESSION["User_Group"] = $iGROUP;


$sIP_ADDRESS = getRealIpAddr();
//print("DATE==".date('Y-m-d H:i:s'));
//die();
$sSQL = "INSERT INTO tbl_log (user_id, login_datetime, ip_address) VALUES (".$_SESSION["User_ID"].", '".date('Y-m-d H:i:s')."', '".$sIP_ADDRESS."')";
$rsLOG = mysql_query($sSQL) or die(mysql_error());

if($iGROUP==$iGROUP_DRIVER || $iGROUP==$iGROUP_COORDINATOR_STAFF){
$_SESSION["load_counter"] = "1";
echo "<SCRIPT LANGUAGE='JAVASCRIPT'> window.location='reservations.php'</SCRIPT>";
}elseif($iGROUP==$iGROUP_TM){
echo "<SCRIPT LANGUAGE='JAVASCRIPT'> window.location='management.php'</SCRIPT>";
}elseif($iGROUP==$iGROUP_TC){
echo "<SCRIPT LANGUAGE='JAVASCRIPT'> window.location='admin.php'</SCRIPT>";
}elseif($iGROUP==$iGROUP_SERVICETCH){
echo "<SCRIPT LANGUAGE='JAVASCRIPT'> window.location='shopwork.php'</SCRIPT>";
}


}
}
}


}

Answer

There are some security vulnerabilities in your code, and they are serious enough to warrant an answer, even though this is not quite what you were asking. Hopefully someone else will address that. If this system is live on the web then it would be worth considering taking it down until it is resolved, so that your users' data is not put at risk.

You have two security issues that need to be dealt with promptly. I can try to outline them but if your data is of at least moderate value then I recommend you engage the services of a contractor who can come in and fix them. He or she will probably want to change your character set to UTF-8 anyway!

SQL injection

Consider this query:

SELECT user_id FROM tbl_user WHERE email = '$sUserName'
    AND BINARY password = '$sPassword'
    AND user_group = $iGROUP;

The assumption is that you have values like this:

$sUserName = "halfer@example.com";
$sPassword = "p@ssw0rd";
$iGROUP = 1;

OK, so let's try something, which is usually trivial to do with web forms:

$sUserName = "halfer@example.com' OR user_id = 1 --";
$sPassword = "p@ssw0rd";
$iGROUP = 1;

That will create a query that looks like this:

SELECT user_id FROM tbl_user WHERE email = 'halfer@example.com' OR user_id = 1 --'
    AND BINARY password = 'p@ssw0rd'
    AND user_group = 1;

Since we have used the comment device -- that boils down to this:

SELECT user_id FROM tbl_user WHERE email = 'halfer@example.com' OR user_id = 1;

Now, you probably don't have halfer@example.com in there, but you almost certainly do have a user with an ID of 1, and moreover they are likely to be marked as an approved account. If they are not, an attacker could keep trying with a few numbers, and would be likely to get a result within a few minutes.

The solution to this problem is very well documented.

Plaintext passwords

Let's say you fix the above vulnerability, but that another unknown one exists, and your database gets stolen anyway. Your attacker will have all your user records (perhaps enough to conduct identity fraud) and they will certainly have lots of email addresses and passwords.

So they will feed them into an automated script to try those credentials in Facebook, GMail, eBay, Hotmail, and perhaps some banking sites too. They will do this because it is well-known that most people re-use email/password combinations, even though experts have told them not to ad nauseum.

Thus if you store passwords in plain text you have aided an attacker in a secondary attack, and can share some of the blame when your user suffers fraud or financial loss. (I don't know if anyone has been held legally culpable for a secondary attack - it would be very interesting to look into).

Your solution here is password hashing. This is a one-way algorithm that is very difficult to reverse, and slows re-use attacks down considerably.