Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- $uri = $_SERVER['REQUEST_URI'];
- function displaylogon($alert, $uri)
- {
- echo "<form method='post' action='$uri'>";
- echo "<table>";
- echo "<tr><td>Login Name<br /></td></tr>" ;
- echo "<tr><td><input type='text' name='loginname' size='15'/></td></tr>";
- echo "<tr><td>Login Password</td></tr>";
- echo "<tr><td><input type='password' name='loginpassword' maxlength='15' size='15'/></td></tr>";
- echo "<tr><td><span class='alert'>$alert</span></td></tr>";
- echo "<tr><td><input type='submit' name='loginbutton' value='Login' /></td></tr>";
- echo "</table>";
- echo "</form>";
- echo "<br />";
- echo "<br />";
- echo "<a href='../main/registeruser.php'>New User</a>";
- echo "<br />";
- }
- function displaywelcome($uri)
- {
- echo "<p>";
- if($_SESSION['admin']==true)
- {
- echo "Welcome Administrator";
- echo "<br/>";
- echo "<br/>";
- echo "<a href='../admin/admin.php'>Admin Page</a>";
- }
- else
- {
- echo "Welcome " . $_SESSION['firstname'];
- echo "<br/>";
- echo "<br/>";
- echo "<a href='../main/cart.php'>View Cart</a>";
- }
- echo "</p>";
- echo "<form action='../main/homepage.php' method='post'>";
- echo "<table>";
- echo "<tr>";
- echo "<td><input type='hidden' value='true' name='logout' />";
- echo "<input type='submit' value='Log out' /></td>";
- echo "</tr>";
- echo "</table>";
- echo "</form>";
- }
- if($_POST['logout']==true)
- {
- //log the user out
- session_destroy();
- $alert = "You are now logged out.";
- displaylogon($alert, $uri);
- }
- else
- {
- if (isset($_SESSION['username']))
- {
- if($_POST['logout']==true)
- {
- //log the user out
- session_destroy();
- header('location:..\main\homepage.php?');
- //$alert = "You are now logged out.";
- //displaylogon($alert, $uri);
- }
- else
- {
- displaywelcome($uri);
- }
- }
- else if(isset($_POST['loginname']))
- {
- //check for admin login
- if((strcmp("super",$_POST['loginname'])==0)&& (strcmp("super",$_POST['loginpassword'])==0))
- {
- //set up session variables
- session_register('firstname');
- session_register('username');
- session_register('admin');
- $_SESSION['admin']=true;
- $_SESSION['firstname']= 'super';
- $_SESSION['username']= 'super';
- displaywelcome($uri);
- }
- else
- {
- //check user name is valid
- @ $fp = fopen("../datafiles/users.txt","r");
- if ($fp == null)
- {
- $alert = "An error has occurred, please try again.";
- displaylogon($alert, $uri);
- }
- else
- {
- $match = false;
- while (!feof($fp))
- {
- $line = fgetss($fp);
- //only check if line from file is not blank.
- if (!(($line =="") || ($line==null)))
- {
- $linearray = explode("\t",$line);
- //check if username and password match
- if((strnatcasecmp($linearray[2],$_POST['loginname'])==0)&& (strcmp($linearray[0],$_POST['loginpassword'])==0))
- {
- $match = true;
- }
- }
- }
- if ($match == true)
- {
- //set up session variables
- session_register('firstname');
- session_register('username');
- $_SESSION['firstname']= $_POST['loginpassword'];
- $_SESSION['username']= $_POST['loginname'];
- displaywelcome($uri);
- }
- else
- {
- $alert = "Username or password is incorrect.";
- displaylogon($alert, $uri);
- }
- fclose($fp);
- }
- }
- }
- else
- {
- //send the user back to where they came from
- $alert="";
- displaylogon($alert, $uri);
- }
- }
- ?>
Add Comment
Please, Sign In to add comment