Don't like ads? PRO users don't see any ads ;-)
Public Pastes
Guest

login,php

By: a guest on Aug 8th, 2012  |  syntax: None  |  size: 1.40 KB  |  hits: 15  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. <?php
  2.  
  3. //Check to see if they accessed the page correctly
  4. if (!isset($_POST['login_submit'])) {
  5. $_SESSION['noaccess'] = "it is a restricted page.";
  6. header("Location: ../index.php");
  7. exit();
  8. }
  9.  
  10. //Check to see if they're already logged in and exit if so
  11. if (isset($_SESSION['loggedIn'])) {
  12. $_SESSION['noaccess'] = "you are already logged in!";
  13. header("Location: ../index.php");
  14. exit();
  15. }
  16.  
  17. //Check to see if they filled in the login form
  18. if (!isset($_POST['login_user_email']) or $_POST['login_user_email']=="" or $_POST['login_pwd']=="" or !isset($_POST['login_pwd'])) {
  19. $_SESSION['loginfail'] = "Please fill in all forms before submitting.";
  20. header("Location: ../index.php");
  21. exit();
  22. }
  23.  
  24. //Connect to database
  25. include '../includes/connect.php.inc';
  26.  
  27. //Set the form posts as variables
  28. $emailaddress = mysql_real_escape_string($_POST['login_user_email']);
  29. $pwd = mysql_real_escape_string($_POST['login_pwd']);
  30.  
  31. $query = "SELECT memberID,firstName,lastName,userPermission FROM members WHERE email='$emailaddress'";
  32. $result = mysqli_query($cxn,$query) or die ("Couldn't execute query!");
  33. $nrows = mysqli_num_rows($result);
  34.  
  35. //Checks to see if email is registered
  36. if ($nrows!=1) {
  37. $_SESSION['loginfail'] = "Your email address was not found in the database! Ensure you entered <b>the correct information</b> and that you have <b>already registered</b>.";
  38. header("Location: ../index.php");
  39. exit();
  40. }
create a new version of this paste RAW Paste Data