<?php require ("Includes/Header.php");if (!$User) { ?><form acti

1. <?php
2. require ("Includes/Header.php");
3. if (!$User) {
4. ?>
5.  
6.  
7.  
8.  
9. <form action='' method='POST'>
10. <table cellspacing='0' cellpadding='0' id='r'>
11. <tr>
12. <td>
13. Username:
14. </td>
15. <td>
16. <input type="text" placeholder='Username...' name='Username' />
17. </td>
18. </tr>
19. <tr>
20. <td>
21. Password:
22. </td>
23. <td>
24. <input type="password" placeholder='Password...' name='Password' />
25. </td>
26. </tr>
27. <tr>
28. <td>
29. <input type='submit' name='Submit' value='Log in' />
30. </td>
31. </tr>
32. </table>
33. </form>
34.  
35.  
36. <?php
37.  
38. $Username = mysql_real_escape_string(strip_tags(stripslashes($_POST['Username'])));
39. $Password = mysql_real_escape_string(strip_tags(stripslashes(sha1($_POST['Password']))));
40. $Submit = mysql_real_escape_string(strip_tags(stripslashes($_POST['Submit'])));
41.  
42. if ($Submit) {
43.  
44. $getUser = mysql_query("SELECT * FROM Members WHERE Username='".$Username."' AND Password='".$Password."'");
45. $UserCorrect = mysql_num_rows($getUser);
46.  
47. if (!$Username||!$Password) {
48.  
49. echo "Please enter all fields!";
50.  
51. }
52. elseif (!$Password) {
53.  
54. echo "Please enter all fields!";
55.  
56. }
57.  
58. elseif ($UserCorrect < 1) {
59.  
60. echo "The username '".$Username."' doesn't exist or the password is incorrect.";
61.  
62. }
63. else {
64.  
65. $_SESSION['User']=$Username;
66. header("Location: /");
67.  
68. }
69.  
70. }
71.  
72. }
73.  
74. ?>