Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if($_POST[login]){
- $error='';
- $username = strip_tags($_POST['username']);
- $password = md5(strip_tags($_POST['password']));
- $ip = $_SERVER['REMOTE_ADDR'];
- if(!$username || !$password){
- $error.= 'All fields are requred.<br>';
- }else{
- $check = mysql_query("SELECT * FROM users WHERE `username` = '$username'");
- if(mysql_num_rows($check) == 0){
- $error.= 'The user <strong>'.$username.'</strong> does not exist.<br>';
- }else{
- $r = mysql_fetch_array($check);
- if($r["banned"] == '1'){
- $error.= 'You are currently banned, you can not log in.<br>';
- }else{
- if($r["password"] !== $password){
- $error.= 'The password you entered is incorrect.<br>';
- }else{
- setcookie("id", $r["id"], time()+(60*60*60*24*5));
- setcookie("password", $r["password"], time()+(60*60*60*24*5));
- setcookie("sec", md5($ip), time()+(60*60*60*24*5));
- mysql_query("UPDATE `users` SET `ip` = '$ip' WHERE `username` = '$username'");
- header("Location: index.php");
- }
- }
- }
- }
- }
- if($error){
- echo $error;
- }
- echo '<form method="post">
- <input type="text" class="custom" name="username" value="username..." />
- <input type="password" class="custom" name="password" value="password" />
- <a href="register.php">Register</a> | <a href="forgotpass.php">Forgot Password?</a>
- <input type="submit" class="buttom" value="login" name="login" style="float: right" />
- </form>';
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement