<?php // Connects to your Database mysql_connect("127.0.0.1", "root",

1. <?php
2.  
3. // Connects to your Database
4.  
5. mysql_connect("127.0.0.1", "root", "") or die(mysql_error());
6.  
7. mysql_select_db("qciousbeautyspa") or die(mysql_error());
8.  
9.  
10. //Checks if there is a login cookie
11.  
12. if(isset($_COOKIE['ID_my_site']))
13.  
14.  
15. //if there is, it logs you in and directes you to the members page
16.  
17. {
18. $username = $_COOKIE['ID_my_site'];
19.  
20. $pass = $_COOKIE['Key_my_site'];
21.  
22. $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
23.  
24. while($info = mysql_fetch_array( $check ))
25.  
26. {
27.  
28. if ($pass != $info['password'])
29.  
30. {
31.  
32. }
33.  
34. else
35.  
36. {
37.  
38. header("Location:system.html");
39.  
40.  
41.  
42. }
43.  
44. }
45.  
46. }
47.  
48.  
49. //if the login form is submitted
50.  
51. if (isset($_POST['submit'])) { // if form has been submitted
52.  
53.  
54.  
55. // makes sure they filled it in
56.  
57. if(!$_POST['username'] | !$_POST['pass']) {
58.  
59. die('You did not fill in a required field.');
60.  
61. }
62.  
63. // checks it against the database
64.  
65.  
66.  
67. if (!get_magic_quotes_gpc()) {
68.  
69. $_POST['email'] = addslashes($_POST['email']);
70.  
71. }
72.  
73. $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());
74.  
75.  
76.  
77. //Gives error if user dosen't exist
78.  
79. $check2 = mysql_num_rows($check);
80.  
81. if ($check2 == 0) {
82.  
83. die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>');
84.  
85. }
86.  
87. while($info = mysql_fetch_array( $check ))
88.  
89. {
90.  
91. $_POST['pass'] = stripslashes($_POST['pass']);
92.  
93. $info['password'] = stripslashes($info['password']);
94.  
95. $_POST['pass'] = md5($_POST['pass']);
96.  
97.  
98.  
99. //gives error if the password is wrong
100.  
101. if ($_POST['pass'] != $info['password']) {
102.  
103. die('Incorrect password, please try again.');
104.  
105. }
106.  
107.  
108. else
109.  
110. {
111.  
112.  
113. // if login is ok then we add a cookie
114.  
115. $_POST['username'] = stripslashes($_POST['username']);
116.  
117. $hour = time() + 3600;
118.  
119. setcookie(ID_my_site, $_POST['username'], $hour);
120.  
121. setcookie(Key_my_site, $_POST['pass'], $hour);
122.  
123.  
124.  
125. //then redirect them to the members area
126.  
127. header("Location:system.html");
128.  
129. }
130.  
131. }
132.  
133. }
134.  
135. else
136.  
137. {
138.  
139.  
140.  
141. // if they are not logged in
142.  
143. ?>
144.  
145. <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
146. <table border="0" align="center">
147. <tr><td width="595" align="center" bgcolor="#FFCCCC"><h3>Please Login </h3></td></tr>
148.  
149. <tr><td bgcolor="#FFCCFF">
150. <br /><br /><br />
151. <table width="466" border="0" align="center">
152.  
153.  
154.  
155. <tr><td width="115" >Username:</td>
156. <td width="341">
157.  
158. <input type="text" name="username" maxlength="100">
159.  
160. </td></tr>
161.  
162. <tr><td>Password:</td><td>
163.  
164. <input type="password" name="pass" maxlength="100" />
165.  
166. </td></tr>
167.  
168. <tr><td colspan="2" align="center">
169.  
170. <input type="submit" name="submit" value="Login" align="center">
171.  
172. </td></tr>
173.  
174. </table>
175. </td></tr>
176. </table>
177.  
178. </form>
179. <table>
180. <tr>
181. <td><a href="reg.php">Click Here For New Staff</a></td>
182. </tr>
183. </table>
184. <?php
185.  
186. }
187.  
188.  
189.  
190. ?>