if($_GET['fx'] == 'login'){ $username = CleanMyDirtyData($_POST['username'])

1. if($_GET['fx'] == 'login'){
2. $username = CleanMyDirtyData($_POST['username']);
3. $paswoord = sha1(CleanMyDirtyData($_POST['password']));
4. $verbinding = mysql_connect(MYSQL_SERVER, MYSQL_GEBRUIKERSNAAM, MYSQL_WACHTWOORD) or die("Verbinding mislukt: " . mysql_error());
5. mysql_select_db('users');
6. $result = mysql_query("SELECT * FROM users WHERE username='" . $username ."' AND password='". $paswoord. "'");
7. $row = mysql_fetch_array($result);
8. if(!empty($row)){
9. if(isset($_POST['remember']) && $_POST['remember'] == true){
10. $hash = sha1($username . time() . 'HetGeheimeWoord');
11. setcookie('LoginCookie',$hash,time()+30000000);
12. mysql_select_db('gaiszxfm_users');
13. mysql_query("UPDATE users SET cookie_hash='".$hash."' WHERE username='" . $username . "'");
14. }
15. $_SESSION['LoggedIn'] = true;
16. $_SESSION['Username'] = $row['username'];
17. $_SESSION['Email'] = $row['email'];
18. $melding = 'U bent succesvol ingelogd!';
19. header("Location: index.php");
20. }else{
21. $melding = 'Foute combinatie tussen wachtwoord en gebruikersnaam.';
22. }
23.  
24. }