// init.php<?phpsession_start();//error_reporting(0);require 'config.p

1. // init.php
2.  
3. <?php
4. session_start();
5. //error_reporting(0);
6. require 'config.php';
7. require 'general.php';
8. require 'users.php';
9. ?>
10.  
11.  
12.  
13. //users.php
14.  
15. <?php
16. function user_exists($username) {
17.     $username = sanitize($username);
18.     $query = mysql_query("SELECT COUNT(`uid`) FROM `users` WHERE `username` = '$username'");
19.     return (mysql_result($query, 0) == 1) ? true : false;
20. }
21. function user_active($username) {
22.     $username = sanitize($username);
23.     $query = mysql_query("SELECT COUNT(`uid`) FROM `users` WHERE `username` = '$username' AND `active` = 1");
24.     return (mysql_result($query, 0) == 1) ? true : false;
25. }
26. function uid_from_username($username) {
27.     $username = sanitize($username);
28.     $query = mysql_query("SELECT `uid` FROM `users` WHERE `username` = '$username'");
29.     return mysql_result($query, 0, 'uid');
30. }
31. function login($username, $password) {
32.     $uid = uid_from_username($username);
33.    
34.     $username = sanitize($username);
35.     $password = md5($password);
36.    
37.     $query = mysql_query("SELECT COUNT (`uid`) FROM `users` WHERE `username` = '$username' AND `password` = '$password'");
38.     return (mysql_result($query, 0) == 1) ? $uid : false;
39. }
40. ?>
41.  
42.  
43.  
44. //general.php
45.  
46. <?php
47. function sanitize ($data) {
48.     return mysql_real_escape_string($data);
49. }
50. ?>
51.  
52.  
53.  
54.  
55. //login.php
56.  
57. <?php
58. include 'init.php';
59.  
60. //if (user_exists('sertac') === true ) {
61. //  echo 'exists';
62. //} else {
63. //  echo 'no';
64. //}
65. //die();
66.  
67. if (empty($_POST) === false) {
68.     $username = $_POST['username'];
69.     $password = $_POST['password'];
70.    
71.     if (empty($username) === true || empty($password) === true) {
72.             $errors[] = 'You need to enter a username and password.';
73.     } else if (user_exists($username) === false) {
74.         $errors[] = 'We can\'t find that username. Have you registered?';
75.     } else if (user_active($username) === false) {
76.         $errors[] = 'You haven\'t activated your account';
77.     } else {
78.         $login = login($username, $password);
79.         if ($login === false) {
80.             $errors[] = 'That username/password combination is incorrect.';
81.         } else {
82.             //echo 'ok';
83.             //die($login);
84.             $_SESSION['uid'] = $login;
85.             header('location: index.php');
86.             exit();
87.         }
88.     }
89.    
90.     print_r($errors);
91. }
92. ?>