Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $page_title = 'Log In';
- require_once('dbc.php');
- require_once('startsession.php');
- require_once('header.php');
- require_once('navmenu.php');
- // Clear the error message
- $error_msg = "";
- if (!isset($_SESSION['ID']))
- {
- if (isset($_COOKIE['ID']) && isset($_COOKIE['username']))
- {
- $_SESSION['ID'] = $_COOKIE['ID'];
- $_SESSION['username'] = $_COOKIE['username'];
- }
- if (isset($_POST['submit']))
- {
- // Connect to the database
- $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
- // Grab the user-entered log-in data
- $username = mysqli_real_escape_string($dbc, trim($_POST['username']));
- $password = mysqli_real_escape_string($dbc, trim($_POST['password']));
- if (!empty($username) && !empty($password))
- {
- // Look up the username and password in the database
- $query = "SELECT ID, username FROM users WHERE username = '$username' AND password = SHA('$password')";
- $data = mysqli_query($dbc, $query)
- or die(mysqli_error($dbc));
- if (mysqli_num_rows($data) == 1)
- {
- // The log-in is OK so set the user ID and username session vars (and cookies), and redirect to the home page
- $row = mysqli_fetch_array($data);
- $_SESSION['ID'] = $row['ID'];
- $_SESSION['username'] = $row['username'];
- setcookie('ID', $row['ID'], time() + (60 * 60 * 24 * 30)); // expires in 30 days
- setcookie('username', $row['username'], time() + (60 * 60 * 24 * 30)); // expires in 30 days
- $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php';
- header('Location: ' . $home_url);
- }
- else
- {
- // The username/password are incorrect so set an error message
- $error_msg = 'Sorry, you must enter a valid username and password to log in.';
- }
- }
- else
- {
- // The username/password weren't entered so set an error message
- $error_msg = 'Sorry, you must enter your username and password to log in.';
- }
- }
- }
- // Insert the page header
- $page_title = 'Log In';
- require_once('header.php');
- // If the session var is empty, show any error message and the log-in form; otherwise confirm the log-in
- if (empty($_SESSION['ID']))
- {
- echo '<p class="error">' . $error_msg . '</p>';
- ?>
- <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
- <fieldset>
- <legend>Log In</legend>
- <label for="username">Username:</label>
- <input type="text" name="username" value="<?php if (!empty($username)) echo $username; ?>" /><br />
- <label for="password">Password:</label>
- <input type="text" name="password" />
- </fieldset>
- <input type="submit" value="Log In" name="submit" />
- </form>
- <?php
- }
- else
- {
- // Confirm the successful log-in
- echo('<p class="login">You are logged in as ' . $_SESSION['username'] . '.</p>');
- }
- ?>
- <?php
- // Insert the page footer
- require_once('footer.php');
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement