<?php include 'db_conn.php'; session_start(); ob_start();?><html>

1. <?php
2. include 'db_conn.php';
3. session_start();
4. ob_start();
5. ?>
6.  
7. <html>
8. <head>
9. <title>Log In</title>
10. </head>
11.  
12. <body>
13. <h1 style="text-align: center; border: thin solid #ffa500; color: aqua; font-style: bold">Log In</h1>
14.  
15. <form>
16. <table>
17. <tr>
18. <td>
19. <p>Username</p>
20. </td>
21. <td>
22. <input type="text" name="username" method="get" required>
23. </td>
24. <tr>
25.  
26. <tr>
27. <td>
28. <p>Password</p>
29. </td>
30. <td>
31. <input type="password" name="password" method="get" required>
32. </td>
33. </tr>
34.  
35. <tr>
36. <td>
37. <p>Security Code</p>
38. </td>
39. <td>
40. <input type="text" name="security_code" method="get" required>
41. </td>
42. </tr>
43. </table>
44.  
45. <input type="submit" name="submit_user_details">
46. </form>
47.  
48. <?php
49. if($_SESSION['uid'])
50. {
51. echo "You are already logged in!<br>";
52. }
53. else
54. {
55. echo "You are not logged in<br>";
56. }
57.  
58. $username = $_GET['username'];
59. $password = $_GET['password'];
60. $security_code = $_GET['security_code'];
61.  
62. $sql = "SELECT * FROM users WHERE username='$username' AND password='$password'";
63. $result = mysqli_query($conn, $sql);
64.  
65. if(!$result)
66. {
67. die('Could not get data: ' . mysqli_error($conn));
68. }
69.  
70. if(!$row == mysqli_fetch_assoc($result))
71. {
72. echo "You have entered an incorrect username or password (if you have not yet entered anything, ignore this, it is a bug)";
73. }
74. else
75. {
76. if($security_code == "warframescrub7")
77. {
78. $_SESSION['uid'] = $row['user_id'];
79. $x = $_SESSION['uid'];
80.  
81. $sql = "UPDATE users SET loggedin='1'
82. WHERE user_id='$x'";
83. $result = mysqli_query($conn, $sql);
84.  
85. header('Location: index.php');
86. }
87. }
88. ?>
89. </body>
90. </html>