Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include '../web/init.php';
- if (empty($_POST) === false) {
- $username = $_POST['username'];
- $password = $_POST['password'];
- //echo $username, '', $password;
- //if (user_exists('Wellz') === true) {
- //echo 'exists';
- // }
- if (empty($username) === true || empty($password) === true){
- $errors[] = 'You need to enter a username and password.';
- } else if (user_exists($username) === false) {
- $errors[] = 'Username not found.';
- } else if (user_active($username) === false) {
- $errors[] = 'You need to activate your account.';
- } else {
- $login = login($username, $password);
- if ($login === true) {
- $errors[] = 'That username/password is not correct.';
- } else {
- //set the users session
- //die($login);
- $_SESSION['id'] = $login;
- header('Location: admin.php');
- exit($login);
- //redirect user to their page
- }
- }
- print_r($errors);
- }
- <?php
- function logged_in(){
- return (isset($_SESSION['id'])) ? true : false;
- }
- //checks to see if that particular user exists in the database
- function user_exists($username){
- $username = sanitize($username);
- $query = mysql_query("SELECT COUNT(id) FROM users WHERE Username = '$username'");
- return (mysql_result($query, 0) == 1) ? true : false;
- }
- //a condition that checks whether the user has activated their account
- function user_active($username){
- $username = sanitize($username);
- $query = mysql_query("SELECT COUNT(id) FROM users WHERE Username = '$username' AND Active = 1");
- return (mysql_result($query, 0) == 1) ? true : false;
- }
- function id_from_username($username){
- $username = sanitize($username);
- return mysql_result(mysql_query("SELECT id FROM users WHERE Username = '$username'"), 0, 'id');
- }
- function login($username, $password){
- $id = id_from_username($username);
- $username = sanitize($username);
- $password = md5($password);
- return (mysql_result(mysql_query("SELECT COUNT(id) FROM users WHERE Username = '$username' AND Password = '$password'"), 0) == 1) ? $id : false;
- }
- ?>
- <?php
- if (isset($_SESSION['id'])) {
- echo 'Logged in';
- } else {
- echo 'Not Logged in';
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement