Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!DOCTYPE HTML>
- <html>
- <head>
- <title>Sign-In</title>
- <link rel='stylesheet'type='text/css' href='style-sign.css'>
- </head>
- <body id='body-color'> <div id='Sign-In'>
- <fieldset style='width:30%'><legend>LOG-IN HERE</legend>
- <form method='POST'action='connectivity.php'>
- <br><input type='text' name='username' size='40'><br> Password
- <br><input type='password' name='pass' size='40'><br>
- <input id='button' type='submit' name='submit' value='Log-In'>
- </form>
- </fieldset>
- </div>
- </body>
- </html>
- <a href='http://xxxxxxxxxxxxxxxxxxxxxxx/register.htm'>Register</a>
- <?php
- require_once("connectivity.php");
- try {
- /* Call connection to database function */
- $db = getConnection();
- /* SQL Queries ---------------------------------------- */
- /*Request the post functions from the loginForm.php */
- $username = $_REQUEST['user'];
- $password = $_REQUEST['pass'];
- $sublogin = $_REQUEST['sublogin'];
- $sql="SELECT * FROM user WHERE email ='$username'
- AND pass='".md5($_POST['pass'])."'";
- $password['pass'];
- $query = $db->query( $sql );
- if (count($db->$query)>0) {
- //Login Successful . Update the database, adding timestamp of last time member logged in.
- $db->query("UPDATE user SET lastlogin='". date("Y-m-d H:i:s",time())."' where email='".$_SESSION['username']."' and password='".$_SESSION['password']."'");
- $username = $db->fetch($result);
- $_SESSION['username']=$username['username'];
- $_SESSION['password']=$password['password'];
- //Write session to disc
- session_write_close();
- header("location: test2.php");
- exit();
- }
- if(isset($_POST['sublogin'])){
- /* Check that all fields were typed in */
- if(!$_POST['user'] || !$_POST['pass']){
- die('You didn\'t fill in a required field.');
- }
- /* Checks that email is in database and password is correct */
- $md5pass = md5($_POST['pass']);
- $result = confirmUser($_POST['user'], $md5pass);
- /* Check error codes */
- if($result == 1){
- die('That username doesn\'t exist in our database.');
- }
- else if($result == 2){
- die('Incorrect password, please try again.');
- }
- /* email and password correct, register session variables */
- $_POST['user'] = $_POST['user'];
- $_SESSION['username'] = $_POST['user'];
- $_SESSION['password'] = $md5pass;
- }
- }
- catch( PDOException $e ) {
- echo $e->getMessage();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement