login.php

1. <?php
2. // Database Things =========================================================
3. //These values can be found in the email.
4. try {
5. $bdd = new PDO("mysql:host=fdb21.awardspace.net; dbname=2755895_hnlserver", "2755895_hnlserver", "Wir9I3T0nvydZq");
6. $bdd -> exec("SET NAMES utf8");
7. } catch (Exception $e) {
8. die($e -> getMessage());
9. }
10. $host = "fdb21.awardspace.net"; //<--put your host here
11. $user = "2755895_hnlserver"; //<-- put username here
12. $password = "Wir9I3T0nvydZq"; //<--put your password here
13. $dbname = "2755895_hnlserver"; //<-- put your database name here
14.  
15. // =============================================================================
16. $Act = $_GET["Act"];// what is action, Login or Register?
17. $nick = $_GET["User"];
18. $pass = $_GET["Pass"];
19. $Email = $_GET["Email"];
20. if($Act == "Login"){
21. if(!$nick || !$pass) {
22. echo "Login or password cant be empty.";
23. } else {
24.  
25. $SQL = "SELECT * FROM Users WHERE Username = '" . $nick . "'";
26. $result_id = @mysql_query($SQL) or die("DB ERROR");
27. $total = mysql_num_rows($result_id);
28. if($total) {
29. $datas = @mysql_fetch_array($result_id);
30. if(!strcmp($pass, $datas["Password"])) {
31. echo "Correct";
32. } else {
33. echo "Wrong";
34. }
35. } else {
36. echo "No User";
37. }
38.  
39. }
40. }
41. if($Act == "Register"){
42.  
43. $checkuser = mysql_query("SELECT Username FROM Users WHERE Username='$nick'");
44. $username_exist = mysql_num_rows($checkuser);
45. if($username_exist > 0)
46. {
47. echo "TAKEN";// Username is taken
48.  
49. unset($nick);
50. exit();
51. }else{
52. $query = "INSERT INTO espacemembre_hnl(username,mdp,email) VALUES('$nick', '$pass', '$Email')";
53. mysql_query($query) or die("ERROR");
54. mysql_close();
55. echo "Registered";
56. }
57. }
58. // Close mySQL Connection
59. mysql_close();
60. ?>