putData(trim($_POST["u_username"])), "loginon"=> date('Y-m-d H:i:s'), "sourceip"=> $sourceip, "status"=> "SUCCESS", ); $t_sts=insertDataMaster($arr, log_vendorlogins); //check for 90 days password change expiration if ($sql_dt['diffdays']>=90 || $sql_dt['diffdays']==NULL) { //password expired $_SESSION['PasswordExpired']=TRUE; redirect("mwbe_main.php?mode=Changepassword"); } else redirect("mwbe_main.php?mode=Dashboard"); } else { //Restrict Login $ErMsg=""; //Update Wrong Login Attempts $attemptsleft=(5-$sql_dt['wrongattempt']-1); if ($attemptsleft<0) $attemptsleft=0; if (mysql_num_rows($sql_rs)<=0) $ErMsg="Invalid Username. Please try again or contact Prime Vendor."; else { if (empty($ErMsg) && $sql_dt['pass']!=substr(md5($u_pass),0,50)) $ErMsg="Invalid Username / Password. You have ".$attemptsleft." attempts left before your account gets locked."; if (empty($ErMsg) && $sql_dt['status']!=1) $ErMsg="Your account is Disabled. You have ".$attemptsleft." attempts left before your account gets locked."; if (empty($ErMsg) && $sql_dt['locked']==1) $ErMsg="Your account is Locked. You have ".$attemptsleft." attempts left before your account gets locked."; if (empty($ErMsg) && $sql_dt['loginaccess']!='Vendor' && $sql_dt['loginaccess']!='Both') $ErMsg="You are not authorized. You have ".$attemptsleft." attempts left before your account gets locked."; //Increment the wrong login attempt if ($attemptsleft<=0) mysql_query("update mst_vendor_login set wrongattempt=wrongattempt+1,locked=1 where username='$u_username'"); else mysql_query("update mst_vendor_login set wrongattempt=wrongattempt+1 where username='$u_username'"); //Log Failed login $arr = array( "email"=> putData($u_username), "loginon"=> date('Y-m-d H:i:s'), "sourceip"=> $sourceip, "status"=> "FAIL", ); $t_sts=insertDataMaster($arr, log_vendorlogins); } } /* if($sql_dt['pass']==substr(md5($u_pass),0,50)) { if ($sql_dt['loginaccess']=='Vendor' || $sql_dt['loginaccess']=='Both') { //check if account is Not locked and is active if ($sql_dt['status']==1 && $sql_dt['locked']==0) { $_SESSION["email"]=$sql_dt["email_id"]; $_SESSION["u_name"]=$sql_dt["username"]; $_SESSION["u_id"]=$sql_dt["id"]; $_SESSION["f_name"]=$sql_dt["first_name"]; $_SESSION["l_name"]=$sql_dt["last_name"]; $_SESSION["VENDOR_ID"]=$sql_dt["vendor_no"]; $_SESSION["l_role"]=3; $_SESSION['PasswordExpired']=FALSE; $vsql="select vendor_name from mst_vendor where vendor_no='".$sql_dt["vendor_no"]."'"; $vres=mysql_query($vsql); $vrow=mysql_fetch_array($vres); $_SESSION['VENDOR_NAME']=$vrow['vendor_name']; //Log successful login $arr = array( "email"=> putData(trim($_POST["u_username"])), "loginon"=> date('Y-m-d H:i:s'), "sourceip"=> $sourceip, "status"=> "SUCCESS", ); $t_sts=insertDataMaster($arr, log_vendorlogins); //check for 90 days password change expiration if ($sql_dt['diffdays']>=90) { //password expired $_SESSION['PasswordExpired']=TRUE; redirect("mwbe_main.php?mode=Changepassword"); } else redirect("mwbe_main.php?mode=Dashboard"); } else { $ErMsg="Your account is Locked / Inactive. Please contact system administrator."; //Log Failed login $arr = array( "email"=> putData(trim($_POST["u_username"])), "loginon"=> date('Y-m-d H:i:s'), "sourceip"=> $sourceip, "status"=> "FAIL", ); $t_sts=insertDataMaster($arr, log_vendorlogins); } } else { $ErMsg="You are not authorized. Please contact system administrator."; //Log Failed login $arr = array( "email"=> putData(trim($_POST["u_username"])), "loginon"=> date('Y-m-d H:i:s'), "sourceip"=> $sourceip, "status"=> "FAIL", ); $t_sts=insertDataMaster($arr, log_vendorlogins); } } else { $ErMsg="Invalid Username / Password. Please try again."; //Log Failed login $arr = array( "email"=> putData(trim($_POST["u_username"])), "loginon"=> date('Y-m-d H:i:s'), "sourceip"=> $sourceip, "status"=> "FAIL", ); $t_sts=insertDataMaster($arr, log_vendorlogins); }*/ } if ($_POST['btnReset']=='Submit') { $r_username=mysql_real_escape_string($_POST["r_username"]); $sql="select * from mst_vendor_login where username='$r_username'"; $sql_rs=mysql_query($sql); if (mysql_num_rows($sql_rs)>0) { $sql_dt=mysql_fetch_array($sql_rs); if ($sql_dt['status']==1) { $requestdate=date('Y-m-d H:i:s'); $securecode=md5(trim($_POST["r_username"]).$requestdate); $arr = array( "email"=> putData(trim($_POST["r_username"])), "requestdate"=> date('Y-m-d H:i:s'), "securecode"=> $securecode, "ip"=> $_SERVER['REMOTE_ADDR'], ); $t_sts=insertDataMaster($arr, mst_vendor_login_reset); $url=SITEURL."reset.php?securecode=".$securecode; //Send email $subject = "Reset Your MWBEUSA Login"; $message = ""; $message.= "

Hello

"; $message.= "

We sent you this email because you're having trouble logging in to the website. You provided this email address as part of the process to fix the login issue you're having.

"; $message.= "

The next step is to click the link below. This link is to be clicked once.

"; $message.= "

".$url."

"; $message.= "

If you did not initiate this process, please contact us.

"; $message.= "

Sincerely,
MWBEUSA Support Team

"; // RD:5-Jan-2018: Updated settings to use Amazon Email Service. //SEND_MAIL($sql_dt['email_id'], "noreply@mwbeusa.com", "MWBEUSA", $subject, $message); ////include "include/smtpmail.php"; ////smtpmail($sql_dt['email_id'], $subject, $message); include "include/AmazonServices/EmailViaAmazon.php"; SendEmailViaAmazon($sql_dt['email_id'], $subject, $message); /////// $resetsuccess=1; } else { $ErMsg="Your account is disabled. Please contact system administrator."; } } else { $ErMsg="Invalid Username Entered. Please try again."; } } ?> Vendor Login
".$mrow['mmsg']."

"; } ?> MWBE Compliance
Access to this site is for authorized users only

".$mrow['mmsg'].""; } else { ?>
Username
Password
Access to this site is restricted.
For demo, contact us at sales@mwbeusa.com
Copyright © 2026 - MWBEUSA, All Rights Reserved