<?phpinclude 'extras/functions.php';if (loggedin()){ header ("Loca

1. <?php
2.  
3. include 'extras/functions.php';
4.  
5. if (loggedin())
6. {
7.    header ("Location: index.php?p=userarea");
8.    exit();
9. }
10. if(isset($_POST['login']))   // checks to see if submit is true using login
11. {
12.   //get data into variables
13.   $username = $_POST['username'];
14.   $password = $_POST['password'];
15.   $rememberme = isset($_POST['rememberme']);
16.  
17. if ($username&&$password)
18. {
19.  
20.    $login = mysql_query ("SELECT * FROM users WHERE username = '$username'"); //loop checking of password and username for protection
21.    while ($row = mysql_fetch_assoc($login))
22.    {
23.          $db_password = $row['password'];
24.          if ($password ==$db_password)    //md5 add here
25.             $loginok = TRUE;
26.          else                  //bullon data type true or false 0,1
27.             $loginok = FALSE;
28.  
29.          if($loginok ==TRUE)
30.          {
31.  
32.            if($rememberme=="on")
33.               setcookie("username",$username, time()+7200);
34.            else if ($rememberme=="")
35.               $_SESSION['username']=$username;
36.  
37.            header("location: userarea.php");
38.            exit(); //some browsers dont accept header scripts
39.  
40.          }
41.          else
42.              die("Incorrect username / password");
43.    }
44. }
45. else
46.      die("Please enter a username and password");
47.  
48. }
49. ?>