Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- if(isset($_REQUEST['login_button'])||$_REQUEST['auto']==1){
- require '../_database/database.php';
- $errmsg_arr = array();
- $errflag = false;
- $username = mysqli_real_escape_string($database,$_REQUEST['username']);
- $password= mysqli_real_escape_string($database,$_REQUEST['password']);
- if($username == '') {
- $errmsg_arr[] = 'Usuario no encontrado';
- $errflag = true;
- }
- if($password == '') {
- $errmsg_arr[] = 'Contraseña no encontrado';
- $errflag = true;
- }
- if($errflag) {
- $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
- session_write_close();
- header("location: authentication-check.php");
- exit();
- }
- $sql="SELECT user_username,user_active,user_password FROM user WHERE user_username='$username'AND user_password='$password'";
- $result= mysqli_query($database,$sql) or die(mysqli_errno());
- $trws= mysqli_num_rows($result);
- if($trws==1){
- $rws= mysqli_fetch_array($result);
- if($rws["user_active"] == 1){
- _SESSION['user_ip']=$rws['user_ip'];
- $user_ip=$_SERVER['REMOTE_ADDR'];
- $sql3="UPDATE user SET user_ip='$user_ip'WHERE user_username = '$temp'"; mysqli_query($database,$sql3)or die(mysqli_error($database)); header("location:../perfil.php?user_username=$username&request=login&status=success");
- }else{
- $errmsg_arr[] = 'este usuario a sido banneado';
- }
- } else {
- $errmsg_arr[] = 'Usuario y contraseña no fueron encontrados';
- $errflag = true;
- if($errflag) {
- $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
- session_write_close();
- header("location: ../components/authentication-check.php");
- exit();
- }
- }
- }
- ?>
Add Comment
Please, Sign In to add comment