Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //session_start();
- /*
- * To be able to login the following things need to be true
- * correct username/password
- * username must be validated
- * username must not be marked as logged in?
- */
- require_once("mysql.php");
- mysqlConnect();
- //checkCreds();
- function checkCreds($user, $pass){
- //login
- //echo "User: $user Pass: $pass #";
- $result = mysql_query("SELECT * FROM user WHERE username = \"$user\"");
- $row = mysql_fetch_array($result);
- if ($row['password'] == $pass){ //correct password for the user
- $_SESSION['uName'] = $user;
- mysql_query("UPDATE user SET sessionID = \"".session_id()."\" WHERE username = $user");
- isLoggedIn($user);
- }else{//bad password
- isLoggedIn("");
- }
- }
- function isLoggedIn($uname){
- //if the user is logged in, then display a welcome message
- if ($uname == ""){
- //user is not logged in
- echo "<div id=\"login2\">";
- echo "<form action=\"serverside/login.php\" method=\"post\">";
- echo "Username: ";
- echo "<input type=\"text\" name=\"uname\" id=\"loginUname\" class=\"loginField\">";
- echo "Password: ";
- echo "<input type=\"password\" name=\"pass\" id=\"loginPass\" class=\"loginField\">";
- echo "<input type=\"button\" value=\"Submit\" onclick=\"mycatch()\" class=\"loginField\"/>";
- echo "</form>";
- echo "<a href=\"password.php\">Forgot your password?</a><br />";
- echo "<a href=\"register.php\">Register as a new user</a>";
- echo "</div>";
- }else{
- //TODO:
- //check that the username, and session id are correct
- //ie. upon logging in the db will store the (then) current session id
- //we can check that session id + name each time we send a page
- //will cost as an extra lookup, but is more secure (session cookie hasn't been messed with to trick us into thinking it's for a logged in user)
- echo "Welcome ".$uname;
- }
- //$ip= $_SERVER['REMOTE_ADDR'];
- //echo "<b>IP Address= $ip#</b>";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement