This is my login page code, and I want your opinion on it please!
Code: // Login ~ CHECKS THE (USERNAME/PASSWORD) ENTERED BY THE USER THEN EITHER GRANTS ACCESS OR DENIEDS ACCESS
case "Login":
if(!preg_match("/^[a-z0-9]{2,20}$/i", $_POST["F_1_Login_Username"]) || !preg_match("/^[a-z0-9]{2,20}$/i", $_POST["F_1_Login_Password"])){
$Login_Error = "INCORRECT ACCOUNT INFORMATION";
}
if(!$Login_Error){
$Login_Username = $DB->real_escape_string($_POST["F_1_Login_Username"]);
$Login_Password = $DB->real_escape_string(md5($_POST["F_1_Login_Password"]));
$Login_Check = $DB->query("SELECT id,username,account_status,suspended_timestamp FROM members WHERE username='$Login_Username' && password='$Login_Password'");
$Login_Status = $Login_Check->num_rows;
$Login_Information = $Login_Check->fetch_object();
if($Login_Status){
if($Login_Information->account_status == 0){
if(!QUICK_STATUS_CHECK($DB,$Login_Information->id,$TIMESTAMP)){
$_SESSION["USER_ID"] = $Login_Information->id;
$USER_ID = $Login_Information->id;
$DB->query("UPDATE members SET last_action='$TIMESTAMP' WHERE id='$USER_ID'");
}else{
$Login_Error = "YOU ARE CURRENTLY LOGGED IN ALREADY";
}
}elseif($Login_Information->account_status == 1){
if($Login_Information->suspended_timestamp < $TIMESTAMP){
if(!QUICK_STATUS_CHECK($DB,$Login_Information->id,$TIMESTAMP)){
$_SESSION["USER_ID"] = $Login_Information->id;
$USER_ID = $Login_Information->id;
$DB->query("UPDATE members SET account_status='0' WHERE id='$USER_ID'");
$DB->query("UPDATE members SET last_action='$TIMESTAMP' WHERE id='$USER_ID'");
}else{
$Login_Error = "YOU ARE CURRENTLY LOGGED IN ALREADY";
}
}else{
$Login_Error = "ACCOUNT SUSPENDED FOR 24 HOURS";
}
}else{
$Login_Error = "ACCOUNT BANNED";
}
}else{
$Login_Error = "INCORRECT ACCOUNT INFORMATION";
}
}
if($USER_ID){
TEMPLATE(0,0);
SMOOTH_REDIRECT("Redirecting","index.php");
TEMPLATE(1,0);
}else{
LOGIN_FORCE($USER_ID, $Login_Error);
}
break;
The code above works 100%, I just want to see if I missed any security things or programmed it crappy
help me, how to find text on an external html site using PHP
Would anyone know how to search an external html file for a work or phrase ?I was thinking something like this --I use script cURL...Code: <?phpif (isset($_POST['submitted'])) { $xurl_1 =
Warning: session_start() [function.session-start]: Cann.....
hi, can someone help me with this? I keep getting this error....Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by ......I tried to upload my files
Baffled by Undefined Index in Simple Array: Please Help!
Hello. I have a form which posts an array to this script. However, I can't seem to access the values in the array; I keep getting an undefined index. Something is not right, but the code is so simple!
use an array from 1 class in a second class
I have a class that adds data to an arrayThen I have a second class and I need to check if the data it returns is in the array created in the first class.But I get undefined variable: Array
Inserting into MySQL Newbie
Hi ive got a slight problem where ive made a simple web form where the customer inserts the ammount of tickets and then enters their personal details... then this form does the post method and it then
How would I protect......
I have a from, actually, a good amount of forms. How can I make it so you can't type the characters: '!~*&^%().;-_ in the form? Where it completely blocks those characters
HTML Email rec'd as Source Code
The code does create and send the email successfully. However, the message shows as html code and not an html email. Any ideas what is causing this?Thanks.Code: // Email require_once
LSB (PHP 5.3) problem with static value!
hello,i'm having a problem. static::$text variable gets lost at some point. can someone please correct and explain it to me?Line number On/Off| Expand/Contract <?phpclass A { protected
Help please - How to validate from 2 possible answers
Hi I hope somebody can help me with what will probably be really simple, I'm pulling my hair trying to get my head round it.I've got a contact form and I would like to add to it a couple of simple
Secure pages Sessions vs. Cookies & session_destroy() help
Im new here and new to PHP, I hope you can help me with some questions. Im writing my web app, and i have login screen where user enters his username and passoword, then I check im MySQL database is