Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- if(isset($_POST['login']))
- {
- if(!$_POST['username'] || strlen($_POST['username']) <= 3 || strlen($_POST['username']) >= 20) //Check user input for validity
- {
- $loginerror['username'] = "Username is required. Must be between 3 and 20 characters long.";
- }
- if(!$_POST['password'])
- {
- $loginerror['password'] = "Password is required.";
- }
- if(count($loginerror) == 0)
- {
- $username = mysql_real_escape_string(trim($_POST['username'])); //Do whatever to the user input
- $password = mysql_reql_escape_string(trim($_POST['password']));
- $sql = mysql_query("SELECT `username`,`password`,`etc` FROM `users` WHERE `username` = '$username' AND `password` = '$password' LIMIT 1"); //Select both at the same time
- if(mysql_num_rows($sql) == 0)
- {
- $loginerror['login'] = "Username or Password incorrect or does not exist."; //It's smart not to let people know which they got wrong.
- }
- else
- {
- $_SESSION['username'] = $username;
- $_SESSION['loggedin'] = true;
- $loginmessage = 'Welcome ' . $username. ', you are successfully logged in';
- }
- }
- }
- function dispError($name,&$errors)
- {
- if(isset($errors[$name]))
- {
- return '<span class="error">' . $errors[$name] . '</span>';
- }
- return '';
- }
- if(isset($loginmessage))
- {
- echo $loginmessage;
- }
- elseif(isset($_SESSION['username']) && isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true)
- {
- echo 'Welcome, ' . $_SESSION['username'];
- }
- else
- {
- if(!isset($loginerror) || !is_array($loginerror))
- {
- $loginerror = array(); //Gotta make sure it exists for the next part if it hasn't been set.
- }
- echo dispError('login',$loginerror);
- echo '<form method="post" action="">';
- echo '<input name="username" placeholder="Username..." type="text" maxlength="15" />' . dispError('username',$loginerror) . '<br /><br />';
- echo '<input name="password" placeholder="Password..." type="password" maxlength="20" />' . dispError('password',$loginerror) . '<br /><br />';
- echo '<input name="login" type="submit" value="Login" style="width:100px;">';
- echo '</form>';
- }
- if(isset($_POST['login']))
- {
- require_once("loginCheck.php");
- }
- //various other includes and requires
- require_once("loginForm.php");
- $_SESSION['loggedin'] = true;
- <?php
- session_start();
- if(!loggedIn())
- {
- header('Location: login.php');
- die();
- }
- function loggedIn()
- {
- if($_SESSION['loggedin'])
- return true;
- else
- return false;
- }
- ?>
Add Comment
Please, Sign In to add comment