Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //check for required fields
- if ((!$_POST["username"]) || (!$_POST["password"])) {
- header("Location: index.php");
- exit;
- }
- //connect to mysql and select database
- $conn = mysql_connect('localhost', 'root', 'shutter0');
- if (!$conn) {
- die('Could not connect: ' . mysql_error());
- }
- echo 'Connected successfully';
- mysql_select_db("arcade",$conn) or die(mysql_error());
- //create and issue the query
- $sql = "select f_name, l_name from arcade_users where username = '$_POST[username]' AND password = password('$_POST[password]')";
- $result = mysql_query($sql, $conn) or die(mysql_error());
- //get the number of rows in the result set; should be 1 if a match
- if (mysql_num_rows($result) == 1) {
- //if authorised, get the values of f_name l_name
- $f_name = mysql_result($result, 0, 'f_name');
- $l_name = mysql_result($result, 0, 'l_name');
- //set authorization cookie
- setcookie("auth", "1", 0, "/", "localhost", 0);
- //create display string
- $display_block = "<p>$f_name $l_name is authorized!</p>
- <p>Authorized Users' Menu:
- <ul>
- <li><a href=\"secretpage.php\">secret page</a>
- </ul>";
- } else {
- //redirect back to login form if not authorized
- header("Location: index.php");
- exit;
- }
- ?>
Add Comment
Please, Sign In to add comment
