Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- define('DB_NAME', 'OCDL');
- define('DB_USER', '*');
- define('DB_PASSWORD', '*');
- define('DB_HOST', 'localhost');
- $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
- if (!$link) {
- die('Could not connect: ' . mysql_error());
- }
- $db_selected = mysql_select_db(DB_NAME, $link);
- if (!$db_selected) {
- die('Can\'t use ' . DB_NAME . ': ' . mysql_error());
- }
- $username = $_POST['username'];
- $password = $_POST['password'];
- $qry= "SELECT * FROM members WHERE username='$username';";
- $result=mysql_query($qry);
- $rows=mysql_fetch_object($result);
- //Check whether the query was successful or not
- if($result) {
- if(mysql_num_rows($result) == 1) {
- if($rows->authlevel == "admin") { //if it's not an admin no need to check password
- if($password == $rows->password) {
- session_regenerate_id();
- $member = mysql_fetch_assoc($result);
- $_SESSION['SESS_MEMBER_ID'] = $member['username'];
- $_SESSION['SESS_FIRST_NAME'] = $member['firstname'];
- $_SESSION['SESS_LAST_NAME'] = $member['username'];
- session_write_close();
- /*header("location: admin_index.php");*/
- exit();
- echo '<script type="text/javascript">alert("' . $_SESSION['SESS_FIRST_NAME'] . '")</script>';
- echo '<script type="text/javascript">alert("' . $result . '")</script>';
- echo '<script type="text/javascript">alert("' . $member . '")</script>';
- } else {
- header("location: login-failed.php"); //change for bad password etc.
- }
- } else {
- header("location: login-failed.php"); //change for invalid user level ( you do not
- }
- } else {
- header("location: login-failed.php");
- }
- } else {
- die("Query failed"); //change for username not found, or unknown username
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement