<?phpdate_default_timezone_set('America/New_York');$link = mysql_connect('lo

1. <?php
2. date_default_timezone_set('America/New_York');
3. $link = mysql_connect('localhost','user','pass');
4. if (!$link){
5.     die('could not connect to database');
6. }
7. mysql_select_db('database name');
8. if (!isset($_SESSION['on'])){
9.     session_start();
10.     $_SESSION['on'] = 1;
11. }
12. $usr['status'] = 0;
13. if (isset($_SESSION['status']) === true){
14.     $usr['status'] = $_SESSION['status'];
15. }
16. if (isset($_POST['login']) === true){
17.     $uname = mysql_real_escape_string($_POST['uname']);
18.     $upass = hash("sha512",$_POST['upass']);
19.     $login = mysql_query("SELECT * FROM `site_users` WHERE `login` = '".$uname."' AND `pass` = '".$upass."' AND `status` > '1'");
20.     if (mysql_num_rows($login)){
21.         $user = mysql_fetch_array($login);
22.         $_SESSION['name'] = $user['name'];
23.         $usr['name'] = $user['name'];
24.         $_SESSION['status'] = 2;
25.         $usr['status'] = 2;
26.     }
27. }
28. elseif (isset($_POST['logout']) === true){
29.     unset($_SESSION['status']);
30. }
31. if ($usr['status'] === 0){
32.     echo '<form method="post" action="#">
33.     <input class="text" type="text" value="Username" name="uname" size="8" />
34.     <input class="password" type="password" value="******" name="upass" size="8" />
35.     <input class="submit" type="submit" name="login" value="Login" />
36.     </form>';
37. }
38. else {
39.     echo '<form method="post" action="#">
40.     <input class="submit" type="submit" name="logout" value="Logout" />
41.     </form>';
42. }
43. ?>