Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- error_reporting(0);
- include('config.php');
- $page = mysql_real_escape_string($_GET['page']);
- session_start();
- if($_SERVER["REQUEST_METHOD"] == "POST") {
- $flag = false;
- $errmsg = $msg;
- $user = $_POST['username'];
- $pass = $_POST['password'];
- if(!$user) {
- $msg = "NoUsername";
- $flag = true;
- }
- else if(!$pass) {
- $msg = "NoPassword";
- $flag = true;
- }
- if($flag == true) {
- header("Location: index.php?error=".$msg."");
- } else {
- $query = "SELECT * FROM users WHERE username='$user' AND password='$pass'";
- $result = mysql_query($query);
- $check = mysql_num_rows($result);
- if($check == 1) {
- $_SESSION['user'] = $user;
- $_SESSION['logged'] = true;
- header("location: index.php");
- } else {
- $msg = "UserNotFound";
- header("location: index.php?error=".$msg."");
- }
- }
- }
- if(!$_SESSION['user']) {
- echo "
- <html>
- <link rel='stylesheet' href='css/style.css' type='text/css' media='screen' title='default' />
- <body id='body-message'>
- <p id='message'>
- <center>
- <form action='index.php' method='post' name='login' id='login'>
- <input type='text' name='username' id='username' value='Username'>
- <br>
- <input type='Password' name='password' id='Password' value='Password'>
- <br>
- <input type='submit' id='login' value='login'>
- </form>
- </center>
- </p>
- </body>
- </html>";
- }
- if($_SESSION['logged'] = true) {
- switch($page) {
- default:
- include('templates/404.template.php');
- break;
- case !$page:
- include('templats./body.template.php');
- break;
- case 'news':
- include('templates/body.template.php');
- break;
- }
- }
- ?>
- <body>
- </body>
- </html>
Add Comment
Please, Sign In to add comment