This is my login page code, and I want your opinion on it please!
Code: // Login ~ CHECKS THE (USERNAME/PASSWORD) ENTERED BY THE USER THEN EITHER GRANTS ACCESS OR DENIEDS ACCESS
case "Login":
if(!preg_match("/^[a-z0-9]{2,20}$/i", $_POST["F_1_Login_Username"]) || !preg_match("/^[a-z0-9]{2,20}$/i", $_POST["F_1_Login_Password"])){
$Login_Error = "INCORRECT ACCOUNT INFORMATION";
}
if(!$Login_Error){
$Login_Username = $DB->real_escape_string($_POST["F_1_Login_Username"]);
$Login_Password = $DB->real_escape_string(md5($_POST["F_1_Login_Password"]));
$Login_Check = $DB->query("SELECT id,username,account_status,suspended_timestamp FROM members WHERE username='$Login_Username' && password='$Login_Password'");
$Login_Status = $Login_Check->num_rows;
$Login_Information = $Login_Check->fetch_object();
if($Login_Status){
if($Login_Information->account_status == 0){
if(!QUICK_STATUS_CHECK($DB,$Login_Information->id,$TIMESTAMP)){
$_SESSION["USER_ID"] = $Login_Information->id;
$USER_ID = $Login_Information->id;
$DB->query("UPDATE members SET last_action='$TIMESTAMP' WHERE id='$USER_ID'");
}else{
$Login_Error = "YOU ARE CURRENTLY LOGGED IN ALREADY";
}
}elseif($Login_Information->account_status == 1){
if($Login_Information->suspended_timestamp < $TIMESTAMP){
if(!QUICK_STATUS_CHECK($DB,$Login_Information->id,$TIMESTAMP)){
$_SESSION["USER_ID"] = $Login_Information->id;
$USER_ID = $Login_Information->id;
$DB->query("UPDATE members SET account_status='0' WHERE id='$USER_ID'");
$DB->query("UPDATE members SET last_action='$TIMESTAMP' WHERE id='$USER_ID'");
}else{
$Login_Error = "YOU ARE CURRENTLY LOGGED IN ALREADY";
}
}else{
$Login_Error = "ACCOUNT SUSPENDED FOR 24 HOURS";
}
}else{
$Login_Error = "ACCOUNT BANNED";
}
}else{
$Login_Error = "INCORRECT ACCOUNT INFORMATION";
}
}
if($USER_ID){
TEMPLATE(0,0);
SMOOTH_REDIRECT("Redirecting","index.php");
TEMPLATE(1,0);
}else{
LOGIN_FORCE($USER_ID, $Login_Error);
}
break;
The code above works 100%, I just want to see if I missed any security things or programmed it crappy
for loop without same $i digits?
Hi, Can some guru please advise how can I accomplish this with a simple for loop ? I want to use for loop to echo all number from 000 to 999Quotefor($i=0;$i<1000;$i++){echo "$i";}My
server trace logs
could any one tell me from where do i get error logs in xMII??I want to check the reason for dtabase connection failure
PHP/Database issue
My friend is helping me make a database where you go to a certain webpage of my site and the page will use code to pull information from a database and display it on the page in a formatted way.Code:
Sql and php order list script problems
Hi im having a few problems with trying to get the coding right on a orders list ive done (or trying to do) for a custom shopping cart im making... For some reason it comes up with all the orders in
connect() succeeds but accept() does not?
Please help me with this problem. I'm working on a time-sensitive project where I'm using TCP sockets. I've got this problem where most of the time a connection cannot be made.
Filtering for a phrase using pregmatch
Here is my code which looks for addresses which start with ' src=" 'Code: [Select]preg_match_all('#src="(http://[^"]+)#', $value, $matches)I want to modify this so that it only returns
Beginner PHP code help
Hi I'm new to php but if someone could please read the question below and help it would be great.a)create an html page to enter a row number (1-6) in a textbox to choose a list of student records.b)
Cursor statement failed with errors
Following statement failed with the errors.
PHP login form help (Done Most of It)
Hi i am having a problem, when i try logging in it is always saying "Invalid Login" im not sure what is going wrong, a week ago i had it working. I cant remember the change i did but i know
Hardcopy printing is to wide
I want to make a hardcopy at runtime of my active form like this