Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // Error management
- ini_set('display_errors', 1);
- error_reporting(E_ALL | E_STRICT);
- require('includes/connection.php');
- require('includes/cookie.php');
- define('TITLE', 'Login');
- require('template/header.php');
- if (!loggedin()) { // Not logged in
- if ( isset($_POST['submitted']) ) {
- $username = trim($_POST['username']);
- $password = sha1(trim($_POST['password']));
- $query = "SELECT password FROM users WHERE username='$username'";
- $r = mysql_query($query);
- if (mysql_num_rows($r) == 1) { // Username is valid
- if (mysql_result($r, 0) == $password) { // Password is valid
- $cid = sha1(microtime(true));
- mysql_query("UPDATE users SET cid='$cid' WHERE username='$username'");
- $_SESSION['cid'] = $cid;
- setcookie('cid', $cid, time()+1209600);
- $loggedin = true;
- } else { // Password is invalid
- $problem = 'Invalid password';
- }
- } else { // Username is invalid
- $problem = 'Invalid username';
- }
- if (isset($problem)) { // Username or password is invalid
- echo '<p class="error">' . $problem . '</p>';
- }
- }
- if (isset($loggedin)) {
- echo '<div id="formdiv"><br /><br /><br /><p style="font-size: 120%; text-align: center;">Login successful</p><br /><br /><br /></div>';
- } else {
- ?>
- <form action="login.php" method="post">
- <p>
- <label for="username">Username:</label>
- <input type="text" name="username" size="30" />
- </p>
- <p>
- <label for="password">Password:</label>
- <input type="password" name="password" size="30" />
- </p>
- <input type="submit" name="submit" value="Login" />
- <input type="hidden" name="submitted" value="true" />
- </form>
- <?php
- }
- } else { // Already logged in
- echo '<div id="formdiv"><br /><br /><br /><p class="error" style="font-size: 130%; text-align: center;">You are already logged in</p><br /><br /><br /></div>';
- }
- require('template/footer.php');
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement