Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <div id="maincontent">
- <div id="loginbox">
- <?php
- include '../nosee/global.php';
- $session_username = $_SESSION['username'];
- if ($_POST['login'])
- {
- //get form data
- $username = mysql_real_escape_string(strip_tags($_POST['username']));
- $password = mysql_real_escape_string(strip_tags($_POST['password']));
- echo $username;
- echo $password;
- if (!$username||!$password)
- echo "Enter a username and password";
- else
- {
- //log in
- $login = mysql_query("SELECT * FROM admin WHERE username='$username'");
- if (mysql_num_rows($login)==0)
- echo "No such user";
- else
- {
- while ($login_row = mysql_fetch_assoc($login))
- {
- //get database password
- $password_db = $login_row['password'];
- //encrypt form password
- $password = md5($password);
- //check password
- if (md5($password)!=$password_db)
- echo "Incorrect password";
- else
- {
- $_SESSION['username']=$username; //assign session
- header("Location: login.php"); //refresh
- }
- }
- }
- }
- }
- else
- {
- if (isset($session_username))
- {
- echo "You are logged in, $session_username. <a href='logout.php'>Log out</a>";
- }
- else
- {
- echo "
- <form action='login.php' method='POST'>
- Username:<br />
- <input type='text' name='username'><p />
- Password:<br />
- <input type='password' name='password'><p />
- <input type='submit' name='login' value='Log in'>
- </form>
- ";
- }
- }
- ?>
- </div>
- </div>
Add Comment
Please, Sign In to add comment
