Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php session_start(); $ref = $_SERVER['HTTP_REFERER'];
- if(isset($_SESSION['username'])) {
- include('header.php');
- echo '<div class="error_message">Attention! You are already logged in.</div>';
- echo "<h2>What to do now?</h2><br />";
- echo "Go <a href='javascript:history.go(-1)'>back</a> to the page you were viewing before this.</li>";
- include('footer.php');
- exit();
- }
- // Has an error message been passed to login.php?
- $error = $_GET['e'];
- if($error == 1) {
- $error = '<div class="error_message">Attention! You must be logged in to view this page.</div>';
- }
- // Only process if the login form has been submitted.
- ##die(var_dump($_POST, $_SESSION));
- if(isset($_POST['login'])) {
- $username = $_POST['username'];
- $password = $_POST['password'];
- if (!isset($username) || !isset($password)) {
- header( "Location: home.php" ); exit();
- } elseif (empty($username) || empty($password)) {
- $error = '<div class="error_message">Attention! Please enter your Username and Password.</div>';
- } else {
- // Add slashes to the username and md5() the password
- $user = mysql_real_escape_string(addslashes($_POST['username']));
- $pass = mysql_real_escape_string(md5($_POST['password']));
- $sql = "SELECT * FROM login_users WHERE username='$user' AND password='$pass'";
- die($sql);
- $result = mysql_query($sql);
- // Check that at least one row was returned
- $rowCheck = mysql_num_rows($result);
- if($rowCheck > 0) {
- while($row = mysql_fetch_array($result)) {
- // Start the session and register a variable
- $_SESSION['username'] = $user;
- //session_register('username');
- header("Location: ".$ref); exit();
- }
- } else {
- // If nothing is returned by the query, unsuccessful login code goes here...
- $error = '<div class="error_message">Attention! Incorrect username or password.</div>';
- }
- }
- }
- if(stristr($_SERVER['PHP_SELF'], 'admin')) { include('../header.php'); } else { include('header.php'); }
- echo $error; ?>
- <h2>Login</h2>
- <form method="POST" action="">
- <label>Username</label><input type="text" name="username" size="20">
- <br />
- <label>Password</label><input type="password" name="password" size="20">
- <br />
- <input type="submit" value="Submit" name="login">
- </form>
- <p><a href="forgotten.php">Forgotten Password?</a></p>
- <p>Not registered yet? It's free, quick & easy to do so <a href="sign_up.php">here</a></p>
- <?php if(stristr($_SERVER['PHP_SELF'], 'admin')) { include('../footer.php'); } else { include('footer.php'); } ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement