Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- elseif($action=="login"){
- $username=htmlspecialchars(trim($_POST['username']));
- $password=htmlspecialchars(trim($_POST['password']));
- $dbusername ="";
- $dbpassword = "";
- $dblevel = "";
- $submit=$_POST['submit'];
- $note;
- $action = htmlspecialchars(trim($_GET['action']));
- if(strlen($username) > 0 && strlen($password) > 0 && isset($submit)){
- $connect=mysql_connect("localhost","share","sharepass") or die("Couldn't Connect");
- mysql_select_db("share") or die("Couldn't find database");
- $query=mysql_query("SELECT * FROM users WHERE username='$user'");
- $numrows=mysql_num_rows($query);
- if($numrows > 0){
- while($row=mysql_fetch_array($query)){
- $dbusername=$row['username'];
- $dbpassword=$row['password'];
- $dblevel=$row['level'];
- }
- if($username==$dbusername&&md5($password)==$dbpassword){
- $_SESSION['username']=$username;
- $_SESSION['level']=$dblevel;
- header('Location: member.php');
- $note = "success.";
- }
- else{
- $note = "Incorrect Password!";
- }
- }
- else{
- $note = "That username doesn't exist";
- }
- }
- else{
- $note = "Please enter a valid username and password";
- }
- }
Add Comment
Please, Sign In to add comment
