Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php // login.php
- include_once 'header.php';
- echo "<div class='main'><h3>Please enter your
- details to log in</h3>";
- $error = $user = $pass = "";
- if (isset($_POST['user']))
- {
- $user = sanitizeString($_POST['user']);
- $fname = sanitizeString($_POST['fname']);
- $lname = sanitizeString($_POST['lname']);
- $pass = sanitizeString($_POST['pass']);
- $email = sanitizeString($_POST['email']);
- $phone = sanitizeString($_POST['phone']);
- $name = $fname + $lname;
- if ($name == "" || $pass == "")
- {
- $error = "Not all fields were entered<br />";
- }
- else
- {
- $query = "SELECT name,pass FROM members
- WHERE name='$name' AND pass='$pass'";
- if (mysql_num_rows(queryMysql($query)) == 0)
- {
- $error = "<span class='error'>Email/Phone and/or
- Password
- invalid</span><br /><br />";
- }
- else
- {
- $_SESSION['user'] = $user;
- $_SESSION['pass'] = $pass;
- die("You are now logged in. Please <a
- href='members.php?view=$user'>" .
- "click here</a> to continue.<br /><br />");
- }
- }
- }
- echo <<<_END
- <form method='post' action='login.php'>$error
- <span class='fieldname'>Username</span><input
- type='text'
- maxlength='16' name='user' value='$user' /><br
- />
- <span class='fieldname'>Password</span><input
- type='password'
- maxlength='16' name='pass' value='$pass' />
- _END;
- ?>
- <br />
- <span class='fieldname'> </span>
- <input type='submit' value='Login' />
- </form><br /></div></body></html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
