<?phpinclude("database.php");session_start();if (!$con) { die('Could

1. <?php
2. include("database.php");
3. session_start();
4. if (!$con)
5. {
6. die('Could not connect: ' . mysql_error());
7. }
8. if(isset($_SESSION["Username"]))
9. {
10. $user = $_SESSION["Username"];
11. $pass = $_SESSION["Password"];
12. }
13. else
14. {
15. $user = $_POST["User"];
16. $pass = $_POST["Password"];
17. $_SESSION['Username'] = $user;
18. $_SESSION['Password'] = $pass;
19. $escuser = mysql_real_escape_string($user);
20. $escpass = mysql_real_escape_string($pass);
21. }
22. $query = "SELECT * FROM playerinfo WHERE user = '$escuser'";
23. $result = mysql_query($query);
24. $username_exist = mysql_num_rows($result);
25. if($username_exist == 0)
26. {
27. echo('That username does not exist');
28. echo '<a href="index.php"">Go back</a>';
29. unset($_SESSION['Username']);
30. unset($_SESSION['Password']);
31. die;
32. }
33. $row = mysql_fetch_row($result);
34. if($row[1] !== $escpass)
35. {
36. echo('Wrong password!');
37. echo '<a href="index.php"">Go back</a>';
38. unset($_SESSION['Username']);
39. unset($_SESSION['Password']);
40. }
41. $str = '<b><font size="4" color="#000080"> Welcome to the control panel! </font></b>';
42. echo $str;
43. echo "<table>";
44. echo "
45. <tr>
46. <td>Username:</td>
47. <td>$row[0]</td>
48. </tr>";
49. echo "
50. <tr>
51. <td>Kills:</td>
52. <td>$row[2]</td>
53. </tr>";
54. echo "
55. <tr>
56. <td>Deaths:</td>
57. <td>$row[3]</td>
58. </tr>";
59. echo "
60. <tr>
61. <td>Score:</td>
62. <td>$row[4]</td>
63. </tr>";
64. echo "
65. <tr>
66. <td>Money:</td>
67. <td> $$row[5]</td>
68. </tr>";
69. echo "</table>";
70. echo '<a href="NewPassword.php"">New Password</a>';
71. echo '<p><a href="Stats.php"">Look a players stats up</a></p>'
72. ?>