Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- include("./global.php");
- __autoload("database");
- if(isset($_POST['login_submit'])) {
- // Check user's permission
- $username = mysql_real_escape_string(trim($_POST['username']));
- $password = mysql_real_escape_string(trim($_POST['password']));
- if($username == "" or $password == "") {
- echo("Please enter all the fields");
- } else {
- $result = mysql_query("SELECT * FROM users WHERE username='".mysql_real_escape_string($username)."'");
- if(!($row = mysql_fetch_assoc($result))) {
- echo("Username was not found.");
- } elseif ($row['password'] != $password) {
- echo("Password was wrong.");
- } else {
- // Add sessions
- $_SESSION['uid'] = $row['uid'];
- $_SESSION['username'] = $row['username'];
- $_SESSION['permission'] = $row['permission'];
- // Sort admin's from admins
- if(isset($_SESSION['permission']) > 2) {
- header("Location: admin");
- } else {
- header("Location: index.php");
- }
- }
- }
- } else {
- __style("login");
- }
- ?>
Add Comment
Please, Sign In to add comment