<?phpsession_start();include "processerror.php";include "webstats.php";

1. <?php
2. session_start();
3.  
4. include "processerror.php";
5. include "webstats.php";
6. set_error_handler("logmyerror");
7.  
8. $host = "localhost";
9. $user="root";
10. $pass="09k6CcsGxBq7p";
11. $db="aadatabase";
12.  
13. $connection = mysql_connect($host, $user, $pass) or die ("Unable to connect!");
14.  
15.  
16. mysql_select_db($db) or die ("Unable to select database!");
17.  
18.  
19. $_SESSION["user"] = $_POST["txtUsername"];
20.  
21. $query = "SELECT `PassWord` FROM `logins` WHERE `UserName` = '" . $_POST["txtUsername"] . "'";
22.  
23. $result = mysql_query($query) or die ("Error in query: $query. ".mysql_error());
24.  
25. //Login
26. if(mysql_num_rows($result) == 1)
27. {
28.     $pwd = mysql_fetch_row($result);
29.     if($pwd[0] !=$_POST["txtPassword"]){
30.         $_SESSION["user"] = $_POST["txtUsername"];
31.         // If Logged in check new passwords are same
32.        
33.            
34.             $query = "UPDATE `".$db."`.`logins` SET `PassWord` = '" .$_POST["txtPassword"]."' WHERE `UserName` = '" . $_POST["txtUsername"] . "'";
35.             //echo $query;
36.             if(mysql_query($query)){
37.                 header("Location: /Forum/index.html");
38.            
39.             mysql_free_result($result);
40.            
41.        
42.        
43.     } else {
44.         // Cant Login
45.         trigger_error ("Incorrect Username", E_USER_NOTICE);
46.         echo "Incorrect username or password";
47.     }
48. }
49.  
50. else {
51.     header("Location: login.php");
52. }
53.  
54. mysql_close($connection);
55. ?>