Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if ( !$_SESSION['uid'] ) {
- if ( !$_POST['submit'] ) {
- ?>
- <form action="?pages/Login" method="post">
- <table>
- <tr>
- <td>Username</td>
- <td><input type="text" name="username"></td>
- </tr>
- <tr>
- <td>Password</td>
- <td><input type="password" name="password"></td>
- </tr>
- <td colspan="2">
- <input type="submit" value="Login" name="submut">
- </td>
- </tr>
- </table>
- </form>
- <?php
- } else {
- $username = $_POST['username'];
- $password = md5($_POST['password']);
- $errors = array();
- if ( !$username ) {
- $errors[1] = "Please enter a username.";
- }
- if ( !$password ) {
- $errors[2] = "Please enter a password";
- }
- $sql = "SELECT * FROM `users3` WHERE `name`='$username'";
- $res = mysql_query($sql) or die(mysql_error());
- $exists = mysql_num_rows($res);
- if ( $exists == 0 ) {
- $errors[3] = "The username does not exist!";
- } else {
- $sql = "SELECT * FROM `users3` WHERE `name`='$username' AND `password`='$password'";
- $res = mysql_query($sql) or die(mysql_error());
- $exists = mysql_num_rows($res);
- if ( $exists == 0 ) {
- $errors[4] = "The username and password do not match.";
- }
- }
- if ( count($errors) > 0 ) {
- echo "<ul>";
- foreach ( $errors as $error ) {
- echo "<li>";
- echo $error;
- echo "</li>";
- }
- echo "</ul>";
- } else {
- $sql = "SELECT * FROM `users3` WHERE `name`='$username' AND `password`='$password'";
- $res = mysql_query($sql) or die(mysql_error());
- $res = mysql_fetch_assoc($res);
- $_SESSION['uid'] = $res['user_id'];
- echo "You have successfully logged in! <a href=\"?page=Home\">Home</a><br><br>";
- }
- }
- }
- ?>
Add Comment
Please, Sign In to add comment
