Untitled

<html>
<head>
<title>
MyPrizeShop : Members Area </title>
<script src="cufon-yui.js" type="text/javascript"></script>
<script src="AlexandriaFLF_500.font.js" type="text/javascript"></script>
<script type="text/javascript">
Cufon.replace('h1', { fontFamily: 'AlexandriaFLF' });
Cufon.replace('h2', { fontFamily: 'AlexandriaFLF' });
Cufon.replace('h3', { fontFamily: 'AlexandriaFLF' });
Cufon.replace('h5', { fontFamily: 'AlexandriaFLF' });
</script>
</head>


<div id="centercontent">

<?php
session_start();
include("login.php");
include_once("database.php");
{
global $conn;
if(!get_magic_quotes_gpc())
$username = addslashes($username);
$q = "select password from users where username = '$username'";
$result = mysql_query($q,$conn);
if(!$result || (mysql_numrows($result) < 1)){
return 1; //Indicates username failure
}
$dbarray = mysql_fetch_array($result);
$dbarray['password'] = stripslashes($dbarray['password']);
$password = stripslashes($password);
if($password == $dbarray['password']){
return 0; //Success! Username and password confirmed
}
else{
return 2; //Indicates password failure
}
}
?>

<?php
{

if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
$_SESSION['username'] = $_COOKIE['cookname'];
$_SESSION['password'] = $_COOKIE['cookpass'];
}


if(isset($_SESSION['username']) && isset($_SESSION['password'])){

if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){

unset($_SESSION['username']);
unset($_SESSION['password']);
return false;
}
return true;
}

else{
return false;
}
}
?>

<?php
function displayLogin(){
global $logged_in;
if($logged_in){
echo "<h1>Logged In!</h1>";
echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
}

header ("Location: redirect.php" );
exit;

?>
<?php } ?>


<h1>Login</h1>
<form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="left"><input type="checkbox" name="remember">
<font size="2">Remember me next time</td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr>
<tr><td colspan="2" align="left"><a href="register.php">Join</a></td></tr>
</table>
</form>

<?php
if(isset($_POST['sublogin'])){

if(!$_POST['user'] || !$_POST['pass']){
die('You did not fill in a required field.');
}

$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}


$md5pass = md5($_POST['pass']);
$result = confirmUser($_POST['user'], $md5pass);


if($result == 1){
die('That username does not exist in our database.');
}
else if($result == 2){
die('Incorrect password, please try again.');
}


$_POST['user'] = stripslashes($_POST['user']);
$_SESSION['username'] = $_POST['user'];
$_SESSION['password'] = $md5pass;


if(isset($_POST['remember'])){
setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
}

echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}

$logged_in = checkLogin();
?>
</div>
</body>
<script type="text/javascript"> Cufon.now(); </script>
</html>