Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require ("Includes/Header.php");
- if (!$User) {
- ?>
- <form action='' method='POST'>
- <table cellspacing='0' cellpadding='0' id='r'>
- <tr>
- <td>
- Username:
- </td>
- <td>
- <input type="text" placeholder='Username...' name='Username' />
- </td>
- </tr>
- <tr>
- <td>
- Password:
- </td>
- <td>
- <input type="password" placeholder='Password...' name='Password' />
- </td>
- </tr>
- <tr>
- <td>
- <input type='submit' name='Submit' value='Log in' />
- </td>
- </tr>
- </table>
- </form>
- <?php
- $Username = mysql_real_escape_string(strip_tags(stripslashes($_POST['Username'])));
- $Password = mysql_real_escape_string(strip_tags(stripslashes(sha1($_POST['Password']))));
- $Submit = mysql_real_escape_string(strip_tags(stripslashes($_POST['Submit'])));
- $IP = $_SERVER['REMOTE_ADDR'];
- if ($Submit) {
- $getUser = mysql_query("SELECT * FROM Members WHERE Username='".$Username."' AND Password='".$Password."'");
- $UserCorrect = mysql_num_rows($getUser);
- if (!$Username||!$Password) {
- echo "Please enter all fields!";
- }
- elseif (!$Password) {
- echo "Please enter all fields!";
- }
- elseif ($UserCorrect < 1) {
- echo "The username '".$Username."' doesn't exist or the password is incorrect.";
- }
- else {
- $_SESSION['User']=$Username;
- mysql_query("UPDATE Members SET IP='".$IP."' WHERE ID='".$myU->ID."'");
- header("Location: /");
- }
- }
- }
- ?>
Add Comment
Please, Sign In to add comment