Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php session_start();?>
- <!doctype html>
- <head>
- <meta charset="utf-8">
- <meta name="description" content="">
- <meta name="keywords" content="" />
- <meta name="author" content="Matthew Day">
- <title>Neptune Direct :: Members</title>
- <link rel="stylesheet" href="style/default.css">
- </head>
- <body>
- <div id='container'>
- <div id='header'>
- <img src='img/logo.png' /><br />
- </div>
- <div id="navigation">
- <?php include('application/nav.php'); ?>
- </div>
- <div id="content-container">
- <div id="content">
- <?php
- $username = $_POST['username'];
- $password = sha1($_POST['password']);
- $conn = mysql_connect("localhost", "xmattydx_admin", "m4ttyd!");
- if (!$conn) {
- echo "Unable to connect to DB: " . mysql_error();
- exit;
- }
- if (!mysql_select_db("xmattydx_neptune")) {
- echo "Unable to select xmattydx_neptune: " . mysql_error();
- exit;
- }
- $sql = "SELECT * FROM members WHERE username = '" . $username . "' AND password = '" . $password . "'";
- $result = mysql_query($sql);
- if (!$result) {
- echo "Could not successfully run query ($sql) from DB: " . mysql_error();
- exit;
- }
- if (mysql_num_rows($result) == 0) {
- echo "No rows found, nothing to print so am exiting";
- }
- while ($row = mysql_fetch_assoc($result)) {
- if ($row['username'] == $username || $row['password'] == $password) {
- $user_id = $row['customer_id'];
- $un = $row['username'];
- $_SESSION['member_id'] = $user_id;
- $_SESSION['username'] = $un;
- header('Location:index.php');
- exit;
- } else {
- echo "Username or Password was in correct, please try again in 1 minute.";
- }
- }
- ?>
- </div>
- </div>
- </div>
- </body>
- </html>
Add Comment
Please, Sign In to add comment