Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include("rmb.php");
- $cxn = mysqli_connect($host,$user,$passmilah,$dbase)
- or die("Query died: connect");
- $sql = "SELECT username FROM user
- WHERE username='$_POST[fusername]'";
- $result = mysqli_query($cxn,$sql)
- or die("Query died: fusername ");
- //.mysqli_error($cxn));
- $num = mysqli_num_rows($result);
- if($num > 0) //login name was found
- {
- $sql = "SELECT username FROM user
- WHERE username='{$_POST['fusername']}'
- AND password='".md5($_POST['fpassword'])."'";
- $result2 = mysqli_query($cxn,$sql)
- or die(mysqli_error($cxn));
- $num2 = mysqli_num_rows($result2);
- if($num2 > 0) //password matches
- {
- $_SESSION['auth']="yes";
- $_SESSION['logname'] = $_POST['fusername'];
- $sql = "INSERT INTO login (username,logintime)
- VALUES( '" . $_SESSION [ 'logname' ] . "', NOW() )";
- $result = mysqli_query($cxn,$sql) or die(mysqli_error($cxn));
- header('Location: home.php');
- }
- else // password does not match
- {
- $message_1="The Login Name, '$_POST[fusername]'
- exists, but you have not entered the
- correct password! Please try again.";
- $fusername = strip_tags(trim($_POST['fusername']));
- include("home.php");
- }
- }
- else // login name not found
- {
- $message_1 = "The User Name you entered does not
- exist! Please try again.";
- include("home.php");
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
