Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- mysql_connect("localhost", "USERNAME", "PASSWORD");
- mysql_select_db("SCHEMA");
- session_start(); //we're using sessions so this is required!
- if($_SESSION['loggedin'] == TRUE) {
- header('location: employee.php'); //members area
- }else{
- if($_POST['submitLogin']) {
- //verify login from user input
- $username = mysql_real_escape_string($_POST['username']);
- $password = md5(mysql_real_escape_string($_POST['password']));
- $select_user = mysql_query("SELECT COUNT(id) AS amount FROM users WHERE username = '$username' AND password = '$password' ");
- $user = mysql_fetch_assoc($select_user);
- $amount_found = (int)$user['amount']; //amount of users found by the query
- if($amount_found > 0) {
- $login_attempt = 1; //successful login attempt
- $_SESSION['loggedin'] = TRUE;
- $_SESSION['username'] = $username;
- header('location: employee.php'); //members area
- }else{
- $login_attempt = 0; //invalid login attempt
- }
- }
- if( ($_POST['submitLogin'] AND isset($login_attempt) AND $login_attempt = 0) OR !$_POST['submitLogin'] ) {
- //show login form
- if($_POST['submitLogin']) { //attempted to login? (-> invalid login)
- echo "<p>Invalid login. </p>";
- }
- ?>
- <form method="POST" action="login.php">
- <b>Username:</b> <br /> <input type="text" name="username"> <p>
- <b>Password:</b> <br /> <input type="password" name="password"> <p>
- <input type="submit" name="submitLogin" value="Login!">
- </form>
- <?php
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement