Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $username = $_POST['username'];
- $password = $_POST['password'];
- if ($username&&$password)
- {
- include ('config.php');
- $query = mysql_query("SELECT * FROM users WHERE username='$username'");
- $username = strtolower($username);
- if (mysql_num_rows($query)!=0)
- {
- while ($row = mysql_fetch_assoc($query))
- {
- $dbusername = $row['username'];
- $dbpassword = $row['password'];
- $firstname = $row['firstname'];
- $lastname = $row['lastname'];
- $admin = $row['admin'];
- }
- // check to see if they match
- if ($username==$dbusername&&md5($password)==$dbpassword)
- {
- $_SESSION['username']=$username;
- $_SESSION['firstname']=$firstname;
- $_SESSION['lastname']=$lastname;
- $_SESSION['admin']=$admin;
- $date = date("Y:m:d:H:i:s");
- $result = mysql_query("UPDATE users SET lastsignin='$date' WHERE username='$username' LIMIT 1") or print ("Can't update entry.<br />" . mysql_error());
- ?>
- <!-- redirect to homepage after logging in -->
- <script type="text/javascript">
- <!--
- window.location = "index.php"
- //-->
- </script>
- <?php
- }
- else
- echo "<error>Incorrect password!</error>";
- }
- else
- die("<error>That user doesn't exist " . mysql_error() . "</error>");
- }
- else
- die("<error>Please enter a user name and password</error>");
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement