Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //login.php
- require_once 'functions.php';
- $error = $user = $pass = "";
- if (isset($_POST['user'])){
- $user = sanitizeString($_POST['user']);
- $pass = sanitizeString(md5($_POST['pass']));
- if ($user == "" || $pass == ""){
- $error = "Not all fields were entered<br />";
- }
- else{
- $query = "SELECT user,pass,admin,allowed FROM members
- WHERE user='$user' AND pass='$pass' AND allowed='true'";
- if (mysql_num_rows($result=queryMysql($query)) == 0){
- $error = "Username / Password invalid<br />";
- }
- else{
- $_SESSION['user'] = $user;
- $row = mysql_fetch_assoc($result);
- $_SESSION['is_admin'] = $row['admin'];
- redirect_to("index.php");
- }
- }
- }
- require_once 'header.php';
- echo <<<_END
- <form method='post' action='login.php'>$error
- <table id="logintable">
- <tr><td>Username</td><td><input type='test' maxlength='16' name='user' value='$user' /></td></tr>
- <tr><td>Password</td><td><input type='password' maxlength='16' name='pass' value='' /></td></tr>
- <tr><td></td><td><input class="submitbutton" type='submit' value='Login »' /></td></tr>
- </table>
- </form>
- _END;
- ?>
- <?php require_once 'footer.php';?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
