<?php require ("Includes/Header.php");if (!$User) { ?><form acti

1. <?php
2. require ("Includes/Header.php");
3. if (!$User) {
4. ?>
5.  
6.  
7.  
8.  
9. <form action='' method='POST'>
10. <table cellspacing='0' cellpadding='0' id='r'>
11. <tr>
12. <td>
13. Username:
14. </td>
15. <td>
16. <input type="text" placeholder='Username...' name='Username' />
17. </td>
18. </tr>
19. <tr>
20. <td>
21. Password:
22. </td>
23. <td>
24. <input type="password" placeholder='Password...' name='Password' />
25. </td>
26. </tr>
27. <tr>
28. <td>
29. <input type='submit' name='Submit' value='Log in' />
30. </td>
31. </tr>
32. </table>
33. </form>
34.  
35.  
36. <?php
37.  
38. $Username = mysql_real_escape_string(strip_tags(stripslashes($_POST['Username'])));
39. $Password = mysql_real_escape_string(strip_tags(stripslashes(sha1($_POST['Password']))));
40. $Submit = mysql_real_escape_string(strip_tags(stripslashes($_POST['Submit'])));
41. $IP = $_SERVER['REMOTE_ADDR'];
42.  
43. if ($Submit) {
44.  
45. $getUser = mysql_query("SELECT * FROM Members WHERE Username='".$Username."' AND Password='".$Password."'");
46. $UserCorrect = mysql_num_rows($getUser);
47.  
48. if (!$Username||!$Password) {
49.  
50. echo "Please enter all fields!";
51.  
52. }
53. elseif (!$Password) {
54.  
55. echo "Please enter all fields!";
56.  
57. }
58.  
59. elseif ($UserCorrect < 1) {
60.  
61. echo "The username '".$Username."' doesn't exist or the password is incorrect.";
62.  
63. }
64. else {
65.  
66. $_SESSION['User']=$Username;
67. mysql_query("UPDATE Members SET IP='".$IP."' WHERE ID='".$myU->ID."'");
68. header("Location: /");
69.  
70. }
71.  
72. }
73.  
74. }
75.  
76. ?>