Untitled

<!DOCTYPE html>
<html>
<?php
header('Content-Type: text/html; charset=UTF-8');
ob_start();
session_start();
require_once 'dbconnect.php';
// it will never let you open index(login) page if session is set
if ( isset($_SESSION['user'])!="" ) {
    header("Location: csgo.php");
    exit;
}
$error = false;
if( isset($_POST['btn-login']) ) {
    // prevent sql injections/ clear user invalid inputs
    $username = trim($_POST['username']);
    $pass = trim($_POST['pass']);
    $pass = strip_tags($pass);
    $pass = htmlspecialchars($pass);
    // prevent sql injections / clear user invalid inputs
    if(empty($username)){
        $error = true;
        $usernameError = "Įveskit nick'ą.";
    }
    if(empty($pass)){
        $error = true;
        $passError = "Įveskite slaptažodį.";
    }
  // if there's no error, continue to login
    if (!$error) {
        $res=mysql_query("SELECT * FROM player_data WHERE username='$username'");
        $row=mysql_fetch_array($res);
        $count = mysql_num_rows($res); // if uname/pass correct it returns must be 1 row
        if( $count == 1 && $row['player_password']==$pass) {
            $_SESSION['user'] = $row['player_id'];
            $_SESSION['pw'] = $row['player_password'];
            header("Location: csgo.php");
        } else {
            $errMSG = "<span style='color: #ff4d4d; text-align: center;'>Blogas nick'as arba slaptažodis</span>";
        }
    }
}
?>
<head>
    <title>CS:GO Paskyra</title>
    <link href='http://fonts.googleapis.com/css?family=Raleway' rel='stylesheet' type='text/css'>
    <meta charset="utf-8">
    <link rel="stylesheet" type="text/css" href="new.css">
</head>
<body>
<div id='nav'>
    <a href='http://wgame.lt/forumas/'>Forumas</a>
</div>
<div id="content">
    <h2>WGAME.LT <span style="color: #26b66a;">GLOBAL OFFENSIVE</span></h2>
    <div class="side">
        <h2 class="h2name">Prisijungti</h2>
        <form class="login" method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>" autocomplete="off">
            <label><b>Slapyvardis</b></label><br>
            <input type="text" placeholder="Slapyvardis" name="username" required oninvalid="this.setCustomValidity('Įveskite slapyvardį')" value="<?php echo $username; ?>"><br><br>
            <span style="color: #ff4d4d; text-align: center;"><?php echo $usernameError; ?></span>
            <label><b>Slaptažodis</b></label><br>
            <input type="password" name="pass" placeholder="Slaptažodis" required oninvalid="this.setCustomValidity('Įveskite slaptažodį')"><br><br>
            <span style="color: #ff4d4d; text-align: center;"><?php echo $passError; ?></span>
            <?php
            if(isset($errMSG)) {
                echo $errMSG;
            }
            ?>
            <button type="submit" name="btn-login">Prisijungti</button>
        </form>
    </div>
    <div class="informacija">
        <h2>Informacija</h2>
        <p class="textinfo">Prisijungę prie savo wGame.lt Global Offensive paskyros galėsite atlikti šiuos dalykus:
            <br><br><span style="color: #26b66a;">Pasikeisti</span> slapyvardį.
            <br><span style="color: #26b66a;">Pasikeisti</span> slaptažodį.
            <br><span style="color: #26b66a;">Peržiūrėti</span> žaidėjų leaderboard.
            <br><span style="color: #26b66a;">Peržvelgti</span> savo skillų informaciją.
            <br><span style="color: #26b66a;">Žaisti</span> žaidimus - ruletę, coinflip.
            <br><br><span style="color: #26b66a;">Susikurti</span> paskyrą gali prisijungęs į serverį adresu <span style="color: #26b66a;">csgo.wgame.lt</span>
            <br>Nedelsk ir junkis prie MŪSŲ!
        </p>
    </div>
</div>
<footer>
    &copy 2017 wGame.LT
</footer>
</body>
</html>