API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 26th, 2017
66
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.54 KB | None | 0 0
raw download clone embed print report
  1. <?php session_start(); $ref = $_SERVER['HTTP_REFERER'];
  2.  
  3. if(isset($_SESSION['username'])) {
  4.  
  5.     include('header.php');
  6.     echo '<div class="error_message">Attention! You are already logged in.</div>';
  7.     echo "<h2>What to do now?</h2><br />";
  8.     echo "Go <a href='javascript:history.go(-1)'>back</a> to the page you were viewing before this.</li>";
  9.     include('footer.php');
  10.    
  11.     exit();
  12. }
  13.  
  14. // Has an error message been passed to login.php?
  15. $error = $_GET['e'];
  16.  
  17. if($error == 1) {
  18.     $error = '<div class="error_message">Attention! You must be logged in to view this page.</div>';
  19. }
  20.  
  21. // Only process if the login form has been submitted.
  22. ##die(var_dump($_POST, $_SESSION));
  23. if(isset($_POST['login'])) {
  24.  
  25.     $username = $_POST['username'];
  26.     $password = $_POST['password'];
  27.  
  28.     if (!isset($username) || !isset($password)) {
  29.         header( "Location: home.php" ); exit();
  30.     } elseif (empty($username) || empty($password)) {
  31.         $error = '<div class="error_message">Attention! Please enter your Username and Password.</div>';
  32.     } else {
  33.    
  34.     // Add slashes to the username and md5() the password
  35.     $user = mysql_real_escape_string(addslashes($_POST['username']));
  36.     $pass = mysql_real_escape_string(md5($_POST['password']));
  37.    
  38.    
  39.     $sql = "SELECT * FROM login_users WHERE username='$user' AND password='$pass'";
  40.     die($sql);
  41.     $result = mysql_query($sql);
  42.    
  43.     // Check that at least one row was returned
  44.     $rowCheck = mysql_num_rows($result);
  45.    
  46.     if($rowCheck > 0) {
  47.     while($row = mysql_fetch_array($result)) {
  48.    
  49.       // Start the session and register a variable
  50.    
  51.      
  52.       $_SESSION['username'] = $user;
  53.       //session_register('username');
  54.          
  55.       header("Location: ".$ref); exit();
  56.    
  57.       }
  58.    
  59.       } else {
  60.    
  61.       // If nothing is returned by the query, unsuccessful login code goes here...
  62.    
  63.       $error = '<div class="error_message">Attention! Incorrect username or password.</div>';
  64.       }
  65.     }
  66. }
  67.  
  68. if(stristr($_SERVER['PHP_SELF'], 'admin')) { include('../header.php'); } else { include('header.php'); }
  69.  
  70. echo $error; ?>
  71.  
  72. <h2>Login</h2>
  73.  
  74. <form method="POST" action="">
  75. <label>Username</label><input type="text" name="username" size="20">
  76. <br />
  77. <label>Password</label><input type="password" name="password" size="20">
  78. <br />
  79. <input type="submit" value="Submit" name="login">
  80. </form>
  81.  
  82. <p><a href="forgotten.php">Forgotten Password?</a></p>
  83.  
  84. <p>Not registered yet? It's free, quick & easy to do so <a href="sign_up.php">here</a></p>
  85.  
  86. <?php if(stristr($_SERVER['PHP_SELF'], 'admin')) { include('../footer.php'); } else { include('footer.php'); } ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!