Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- $user = $_POST["txtUser"];
- $pass = $_POST["txtPass"];
- include("connect.php");
- $rs = mysql_query("SELECT username, password, catId FROM member WHERE username='$user' and password = '".md5($pass)."'" );
- while($row = mysql_fetch_assoc($rs))
- {
- $usernamedb = $row['username'];
- $key = $row['password'];
- $catiddb = $row['catId'];
- }
- if($user == "" || $pass == "")
- {
- header("location:index.php?page=login&err=Username or Password is not filled");
- }
- if($usernamedb == "")
- {
- header("location:index.php?page=login&err=Username is not registered");
- }
- if($usernamedb == $user && $key != md5($pass))
- {
- header("location:index.php?page=login&err=Password is wrong");
- }
- if($usernamedb == $user && $key == md5($pass))
- {
- $_SESSION["USER"] = $usernamedb;
- $_SESSION["ID"] = $catiddb;
- header("location:controlpanel.php");
- }
- ?>
Add Comment
Please, Sign In to add comment