Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if (!($user -> LoggedIn()))
- {
- if (isset($_POST['loginBtn']))
- {
- $username = $_POST['username'];
- $password = $_POST['password'];
- if (!empty($username) && !empty($password))
- {
- if (!ctype_alnum($username) || strlen($username) < 4 || strlen($username) > 15)
- {
- echo '<div class="g_12"><div class="alert alert-danger"><strong>ERROR</strong>:Invalid username format</div></div>';
- }
- else
- {
- $SQLCheckLogin = $odb -> prepare("SELECT COUNT(*) FROM `users` WHERE `username` = :username AND `password` = :password");
- $SQLCheckLogin -> execute(array(':username' => $username, ':password' => SHA1($password)));
- $countLogin = $SQLCheckLogin -> fetchColumn(0);
- if ($countLogin == 1)
- {
- $SQLGetInfo = $odb -> prepare("SELECT `username`, `ID`,`status` FROM `users` WHERE `username` = :username AND `password` = :password");
- $SQLGetInfo -> execute(array(':username' => $username, ':password' => SHA1($password)));
- $userInfo = $SQLGetInfo -> fetch(PDO::FETCH_ASSOC);
- if ($userInfo['status'] == 0)
- {
- $_SESSION['username'] = $userInfo['username'];
- $_SESSION['ID'] = $userInfo['ID'];
- $Query = $odb-> query("INSERT INTO `logins` VALUES ('$username','$ip','$newcount','$time')");
- echo '<div class="g_12"><div class="alert alert-success"><strong>Success</strong>: You are now being redirected to Dashboard</div></div><meta http-equiv="refresh" content="2;url=index.php">';
- }
- else
- {
- echo '<div class="g_12"><div class="alert alert-danger"><strong>ERROR</strong>: Your user was banned</div></div>';
- }
- }
- else
- {
- echo '<div class="g_12"><div class="alert alert-danger"><strong>ERROR</strong>: Login Failed</div></div>';
- }
- }
- }
- else
- {
- echo '<div class="g_12"><div class="alert alert-danger"><strong>ERROR</strong>: Please fill in all fields</div></div>';
- }
- }
- }
- else
- {
- header('location: index.php');
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement