Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- $dbname = 'CSHARP-PC\SQLEXPRESS';
- $dbuser = 'sa';
- $dbpass = 'youllneverknow';
- //login check
- if($_SESSION['logged_in'] == false){
- echo '<center><form method="post">
- Username: <input type="text" name="username" id="user_name">
- Password: <input type="password" name="password" id="password">
- <input type="submit" name="Login" id="Login" value="Login">
- </form></center>';
- exit();
- }
- //login script end
- if ( isset( $_POST['Login'] ) )
- {
- $username = mssql_escape_string( $_POST['username'] );
- $password = mssql_escape_string( $_POST['password'] );
- $mssql_link = @mssql_connect($dbname, $dbuser, $dbpass );
- if ( !$mssql_link )
- echo 'Could not connect to loginserver';
- else
- {
- $checkUser = mssql_query( "SELECT nUserNo FROM Account..tUser WHERE sUserID = '$username' AND sUserPW = '$password';" );
- if ( mssql_num_rows( $checkUser ) == 1 )
- {
- $userInfo = mssql_fetch_array( $checkUser );
- $_SESSION['userID'] = $userInfo[0];
- $_SESSION['logged_in'] = true;
- echo 'You are now logged in!';
- }
- else
- {
- echo 'Wrong username or password';
- }
- }
- }
- //END LOGIN
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement