Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if(isset($_POST['login'])) {
- $username = isset($_POST['username']) ? clear($_POST['username']) : false;
- $password = isset($_POST['password']) ? clear($_POST['password']) : false;
- $login = date("d-F-Y H:i");
- if(empty($username) AND empty($password))
- {
- $errore = '<div id="msg">Riempi tutti i campi.</div>';
- }
- elseif(!mysql_num_rows(mysql_query("SELECT * FROM users WHERE username = '$username'")))
- {
- $errore = '<div id="msg">Username non trovato.</div>';
- }
- elseif(mysql_num_rows(mysql_query("SELECT * FROM users WHERE username = '$username' AND rank = 0 ")))
- {
- $errore = '<div id="msg">Questo utente risulta essere bannato.</div>';
- } else {
- $password = md5($password);
- $ip = $_SERVER['REMOTE_ADDR'];
- if(mysql_num_rows(mysql_query("SELECT * FROM users WHERE username LIKE '$username' AND password='$password'")) > 0) {
- $username = mysql_result(mysql_query("SELECT username FROM users WHERE username LIKE '$username'"), 0);
- $userid = mysql_result(mysql_query("SELECT id FROM users WHERE username LIKE '$username'"), 0);
- mysql_query("UPDATE users SET last_login='".time()."', last_ip='$ip', data_login='$login' WHERE id='$userid'") or die(mysql_error());
- $_SESSION['username'] = $username;
- $_SESSION['userid'] = $userid;
- header('Location: me.php');
- sleep(5);
- } else {
- $errore = '<div id="msg">La password non è corretta.</div>';
- }
- }
- } else {
- ?>
- <form method="POST" action="<?php echo $_SERVER['PHP_SELF']; ?>" autocomplete="off" style="margin: 0;">
- <input type="text" name="username" placeholder="Username" autocomplete="off" value="">
- <input type="password" name="password" placeholder="Password" autocomplete="off" value="">
- <input type="submit" name="login" class="buttonLogin" value="Login">
- <a href="/register.php" class="buttonRegister">Registrati</a>
- </form>
- </div>
- </div>
- </li>
- <?php } ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement