OPINIONS WANTED
Posted on
16th Feb 2014 07:03 pm by
admin
This is my login page code, and I want your opinion on it please!
Code: // Login ~ CHECKS THE (USERNAME/PASSWORD) ENTERED BY THE USER THEN EITHER GRANTS ACCESS OR DENIEDS ACCESS
case "Login":
if(!preg_match("/^[a-z0-9]{2,20}$/i", $_POST["F_1_Login_Username"]) || !preg_match("/^[a-z0-9]{2,20}$/i", $_POST["F_1_Login_Password"])){
$Login_Error = "INCORRECT ACCOUNT INFORMATION";
}
if(!$Login_Error){
$Login_Username = $DB->real_escape_string($_POST["F_1_Login_Username"]);
$Login_Password = $DB->real_escape_string(md5($_POST["F_1_Login_Password"]));
$Login_Check = $DB->query("SELECT id,username,account_status,suspended_timestamp FROM members WHERE username='$Login_Username' && password='$Login_Password'");
$Login_Status = $Login_Check->num_rows;
$Login_Information = $Login_Check->fetch_object();
if($Login_Status){
if($Login_Information->account_status == 0){
if(!QUICK_STATUS_CHECK($DB,$Login_Information->id,$TIMESTAMP)){
$_SESSION["USER_ID"] = $Login_Information->id;
$USER_ID = $Login_Information->id;
$DB->query("UPDATE members SET last_action='$TIMESTAMP' WHERE id='$USER_ID'");
}else{
$Login_Error = "YOU ARE CURRENTLY LOGGED IN ALREADY";
}
}elseif($Login_Information->account_status == 1){
if($Login_Information->suspended_timestamp < $TIMESTAMP){
if(!QUICK_STATUS_CHECK($DB,$Login_Information->id,$TIMESTAMP)){
$_SESSION["USER_ID"] = $Login_Information->id;
$USER_ID = $Login_Information->id;
$DB->query("UPDATE members SET account_status='0' WHERE id='$USER_ID'");
$DB->query("UPDATE members SET last_action='$TIMESTAMP' WHERE id='$USER_ID'");
}else{
$Login_Error = "YOU ARE CURRENTLY LOGGED IN ALREADY";
}
}else{
$Login_Error = "ACCOUNT SUSPENDED FOR 24 HOURS";
}
}else{
$Login_Error = "ACCOUNT BANNED";
}
}else{
$Login_Error = "INCORRECT ACCOUNT INFORMATION";
}
}
if($USER_ID){
TEMPLATE(0,0);
SMOOTH_REDIRECT("Redirecting","index.php");
TEMPLATE(1,0);
}else{
LOGIN_FORCE($USER_ID, $Login_Error);
}
break;
The code above works 100%, I just want to see if I missed any security things or programmed it crappy
No comments posted yet
Your Answer:
Login to answer
344 
5 
Other forums
Code doesn't print what i wanted it too. Please help!
Hi there,
I wrote this code to mae it so that in the form before it that the user said their
Lining up columns nicely.
Hello everyone, I'm having problems with making columns line up properly. Here is my code:
need help in dynamic select menu in php
hi i have created a dynamic select menu using php. i have a problem in that which is when the user s
Any decent php formatter/beautifier/pretty printer?
Any decent php formatter/beautifier/pretty printer class/function?
I found the following whil
PHP Directory Listing Not working
Hey Guys,
I need help, I tried a ton of directory listing scripts and they all don't work. Al
TCP Sending Unsigned Char...
Hi...
I want to send over tcp/ip some data, i have the data in hexadecimal, and when i tr
Upload simple problem
Really confused!! I run once and it worked, but when i tried today...it didn't work
Which par
Referential Integrity problem when inserting into 2 tables at same time
Hello Everyone,
Im relativity new to PHP and MySQL and i have come up against a problem. i h
Keeping track of php uploads
Hello all.
I was looking at the way PHP handles file uploads.
It seems that PHP uses a tem
Ball movement
I want to move a ball from one point to another and it should hit a group of balls at the other end
