Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include('includes/database.php');
- $error = '';
- // username and password sent from form
- if(isset($_POST['submit']))
- {
- if(isset($_POST['myusername']) && isset($_POST['mypassword']))
- {
- $myusername = $_POST['myusername'];
- $mypassword = $_POST['mypassword'];
- // To protect MySQL injection (more detail about MySQL injection)
- $myusername = stripslashes($myusername);
- $mypassword = stripslashes($mypassword);
- $myusername = mysqli_real_escape_string( $mysqli,$myusername);
- $mypassword = mysqli_real_escape_string($mysqli,$mypassword);
- $mypassword = md5($mypassword);
- $sql = "SELECT * FROM members WHERE username='$myusername' and
- password='$mypassword'";
- $result = mysqli_query( $mysqli, $sql);
- // Mysql_num_row is counting table row
- $rowcount = mysqli_num_rows($result);
- // If result matched $myusername and $mypassword, table row must be 1 row
- if($rowcount == 1){
- // Register $myusername, $mypassword and redirect to file "index.php"
- session_start();
- $_SESSION['myusername'] = $myusername;
- $_SESSION['mypassword'] = $mypassword;
- header("location:index.php");
- }
- else {
- $error = "Wrong Username or Password!";
- }
- }
- else
- {
- $error = "Please provide Username and/or Password!";
- }
- }
- ?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
- <head>
- <meta http-equiv="content-type" content="text/html; charset=utf-8" />
- <meta name="description" content="" />
- <meta name="keywords" content="" />
- <meta name="author" content="" />
- <link rel="stylesheet" type="text/css" href="style.css" media="screen" />
- <title>1stWebDesigner PHP Template</title>
- <script language="javascript">
- function validate(){
- var f=document.login;
- var error = false;
- // preverjati pricnemo na koncu, da pride potem focus na prvo manjkajoce polje od zgoraj!
- if(f.mypassword.value==''){
- document.getElementById("password_error").style.color="red";
- f.mypassword.focus();
- error = true;
- }
- else
- {
- document.getElementById("password_error").style.color="#f8f8f8";
- }
- if(f.myusername.value==''){
- document.getElementById("username_error").style.color="red";
- f.myusername.focus();
- error = true;
- }
- else
- {
- document.getElementById("username_error").style.color="#f8f8f8";
- }
- if(error)
- return false;
- //f.command.value='update';
- f.submit();
- }
- </script>
- </head>
- <body>
- <div id="wrapper">
- <div id="header">
- <?php include('includes/header.php'); ?>
- </div> <!-- end #header -->
- <div id="content">
- <br/>
- <br/>
- <table width="300" border="0" align="center" cellpadding="0"
- cellspacing="1" >
- <tr>
- <form name="login" method="post" action="<?php
- echo($_SERVER['PHP_SELF']) ?>">
- <td>
- <table width="100%" border="0" cellpadding="3"
- cellspacing="1" bgcolor="#FFFFFF">
- <tr>
- <td colspan="3"><strong>Member Login </strong></td>
- </tr>
- <tr>
- <td width="78">Username</td>
- <td width="6">:</td>
- <td width="294"><input name="myusername" type="text"
- id="myusername"></td>
- </tr>
- <tr>
- <td>Password</td>
- <td>:</td>
- <td><input name="mypassword" type="password"
- id="mypassword"></td>
- </tr>
- <tr>
- <td> </td>
- <td> </td>
- <td><input type="submit" name="submit" value="Login"></td>
- </tr>
- <tr>
- <td> </td>
- <td> </td>
- <td><a href="register.php">Register</a>
- </tr>
- <tr>
- <td colspan="3" style="color:red;"><?php echo $error ?></td>
- </tr>
- </table>
- </td>
- </form>
- </tr>
- </table>
- <br/>
- <br/>
- </div> <!-- end #content -->
- <div id="footer">
- <?php include('includes/footer.php'); ?>
- </div> <!-- end #footer -->
- </div> <!-- end #wrapper -->
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement