<?php include("includes/dbconn.php");?><html><head></head><?

1. <?php
2. include("includes/dbconn.php");
3. ?>
4.  
5. <html>
6.  
7. <head>
8.  
9. </head>
10.  
11. <?php
12. function Login()
13. {
14.     if(empty($_POST['Username']))
15.     {
16.         $this->HandleError("Username is empty!");
17.         return false;
18.     }
19.     if(empty($_POST['Password']))
20.     {
21.         $this->HandleError("Password is empty!");
22.         return false;
23.     }
24.     $username = trim($_POST['Username']);
25.     $password = trim($_POST['{Password']);
26.     if(!$this->CheckLoginInDB($Username,$Password))
27.     {
28.         return false;
29.     }
30.     session_start();
31.     $_SESSION[$this->GetLoginSessionVar()] = $Username;
32.     return true;
33. }
34.  
35.     function CheckLoginInDB($username,$password)
36. {
37.     if(!$this->DBLogin())
38.     {
39.         $this->HandleError("Database login failed!");
40.         return false;
41.     }
42.     $username = $this->SanitizeForSQL($username);
43.     $pwdmd5 = md5($password);
44.     $qry = "Select name, email from $this->tablename ".
45.         " where username='$username' and password='$pwdmd5' ".
46.         " and confirmcode='y'";
47.     $result = mysql_query($qry,$this->connection);
48.     if(!$result || mysql_num_rows($result) <= 0)
49.     {
50.         $this->HandleError("Error logging in. ".
51.             "The username or password does not match");
52.         return false;
53.     }
54.     return true;
55. }
56.  
57. ?>
58.  
59. <footer>
60.  
61. </footer>
62.  
63. </html>