<?php $connect = mysql_connect("127.0.0.1:3306","webclient","tajne"); //DB c

1. <?php
2. $connect = mysql_connect("127.0.0.1:3306","webclient","tajne");   //DB connecting informations - IP,USERNAME,PASSWORD
3. mysql_select_db("web", $connect);   //DB name
4.  
5. if($_SESSION[started] != "yes"){
6.     session_start();
7.     $_SESSION[started] = "yes";
8. }
9.  
10. $username = $_POST['username'];  //define POST variables to be accessable through whole script
11. $password = $_POST['password'];
12.  
13. if ($_GET['f'] == 'logout'){  //Loging out
14.     session_unset();
15. }
16.  
17. if($username != "" && $password != ""){ //Logging in
18.     $command = 'SELECT nick FROM web_logins WHERE nick LIKE "'.$username.'"';
19.     $result = mysql_query($command);
20.     $array = mysql_fetch_array($result);
21.     $usernamedb = $array["nick"];
22.     if($username == $usernamedb){
23.         $command = 'SELECT password,clientgrp FROM web_logins WHERE nick LIKE "'.$username.'"';
24.         $result = mysql_query($command);
25.         $array = mysql_fetch_array($result);       
26.         $passworddb = $array["password"];
27.         if($password == $passworddb){
28.             $command = 'UPDATE web_logins SET ip = "'.$_SERVER['REMOTE_ADDR'].'", last_login = "20'.Date("y-m-d").'" WHERE nick LIKE "'.$username.'"';
29.             mysql_query($command);
30.             mysql_close($connect);
31.             $_SESSION[logged] = "true";
32.             $_SESSION[username] = $username;
33.             $_SESSION[group] = $array["clientgrp"];
34.         }else{
35.             mysql_close($connect);
36.             $fail = "password";   //Wrong password message
37.         }
38.     }else{
39.         mysql_close($connect);
40.         $fail = "username";  //Unknown user message
41.     }
42. }
43.  
44. if($_SESSION['logged'] != "true"){    //Checks login status and dislays login form
45.     require ('loginform.php');
46.     exit;
47. }