<?phpsession_start(); if(isset($_GET['logout'])){ unset($_SESSION['user_

1. <?php
2. session_start();
3. if(isset($_GET['logout']))
4. {
5.     unset($_SESSION['user_logged_in']);
6.     unset($_SESSION['nickname']);
7.     session_regenerate_id();
8.     header("Location: members.php");
9.     exit();
10. }
11. else if(!empty($_POST['uname']) && !empty($_POST['pword']))
12. {
13.     include("mysql.php");
14.     $user = mysql_real_escape_string(strip_tags($_POST['uname']));
15.     $pass = mysql_real_escape_string(strip_tags($_POST['pword']));
16.     $result = mysql_query("SELECT * FROM accounts WHERE login='".$user."'") or die("error");
17.     if(mysql_num_rows($result)==1)
18.     {
19.         $row = mysql_fetch_array($result);
20.         if($pass == $row['password'])
21.         {
22.             $location = empty($_SESSION['requestedpage']) ? "index.php" : $_SESSION['requestedpage'];
23.             session_regenerate_id();
24.            
25.             $_SESSION['user_logged_in'] = "user is logged in"; // This can be set to anything you like!
26.             $_SESSION['nickname'] = $row['login'];
27.            
28.             header("Location: ".$location);
29.             $_SESSION['requestedpage'] = "";
30.                  
31.             exit();
32.         }
33.         else
34.         {
35.             header("Location:loginpage.php");
36.             exit();
37.         }
38.     }
39.     else
40.     {
41.         header("Location:loginpage.php");
42.         exit();
43.     }
44. }
45. else
46. {
47.     ?>
48.     <h1>Error</h1>
49.     <p>
50.     You should access this page through <a href="loginpage.php">the login page</a>
51.     </p>
52.     <?php
53. }
54. ?>