//Login Functionfunction login(){include("./core/core_includes/config.php");

1. //Login Function
2. function login(){
3. include("./core/core_includes/config.php");
4. if (isset($_POST['login'])){
5. $success="./page.php?page=login&detail=success"; $fail="./page.php?page=login&detail=fail";
6. $user = mysql_real_escape_string(stripslashes(htmlentities($_POST['username'])));
7. $pass = mysql_real_escape_string(stripslashes(htmlentities($_POST['password'])));
8. $pass = sha1(strtoupper($user) . ":" . strtoupper($pass));
9. $user = ucfirst($user);
10. mysql_select_db("$db_account", $con)or die("cannot select DB");
11. $admin_check = mysql_query("SELECT * FROM account WHERE username='$user' AND sha_pass_hash='$pass' AND gm='3'");
12. $admin = mysql_num_rows($admin_check); $adminc = mysql_num_rows($a_c);
13.  
14. $gm_check = mysql_query("SELECT * FROM account WHERE username='$user' AND sha_pass_hash='$pass' AND gm='2'");
15. $gm = mysql_num_rows($gm_check);
16.  
17. $player_check = mysql_query("SELECT * FROM account WHERE username='$user' AND sha_pass_hash='$pass' AND gm='0'");
18. $player = mysql_num_rows($player_check);
19. if($player == 1){//Player
20. header("Location: ". $success );
21. //Set session data
22. $_SESSION["valid_id"] = $obj->id;
23. $_SESSION['wsc_user'] = "$user";
24. $_SESSION["valid_time"] = time();
25. }
26. else if($gm == 1){//Gm
27. header("Location: ". $success );
28. //Set session data
29. $_SESSION["valid_id"] = $obj->id;
30. $_SESSION['wsc_user'] = "$user";
31. $_SESSION['wsc_gm'] = "$user";
32. $_SESSION["valid_time"] = time();
33. }
34. else if($admin == 1){//Admin
35. header("Location: ". $success );
36. //Set session data
37. $_SESSION["valid_id"] = $obj->id;
38. $_SESSION['wsc_user'] = "$user";
39. $_SESSION['wsc_admin'] = "$user";
40. $_SESSION["valid_time"] = time();
41. }
42. else
43. {
44. header("Location: ". $fail );
45. }
46. }}
47. //End Login