This is my login page code, and I want your opinion on it please!
Code: // Login ~ CHECKS THE (USERNAME/PASSWORD) ENTERED BY THE USER THEN EITHER GRANTS ACCESS OR DENIEDS ACCESS
case "Login":
if(!preg_match("/^[a-z0-9]{2,20}$/i", $_POST["F_1_Login_Username"]) || !preg_match("/^[a-z0-9]{2,20}$/i", $_POST["F_1_Login_Password"])){
$Login_Error = "INCORRECT ACCOUNT INFORMATION";
}
if(!$Login_Error){
$Login_Username = $DB->real_escape_string($_POST["F_1_Login_Username"]);
$Login_Password = $DB->real_escape_string(md5($_POST["F_1_Login_Password"]));
$Login_Check = $DB->query("SELECT id,username,account_status,suspended_timestamp FROM members WHERE username='$Login_Username' && password='$Login_Password'");
$Login_Status = $Login_Check->num_rows;
$Login_Information = $Login_Check->fetch_object();
if($Login_Status){
if($Login_Information->account_status == 0){
if(!QUICK_STATUS_CHECK($DB,$Login_Information->id,$TIMESTAMP)){
$_SESSION["USER_ID"] = $Login_Information->id;
$USER_ID = $Login_Information->id;
$DB->query("UPDATE members SET last_action='$TIMESTAMP' WHERE id='$USER_ID'");
}else{
$Login_Error = "YOU ARE CURRENTLY LOGGED IN ALREADY";
}
}elseif($Login_Information->account_status == 1){
if($Login_Information->suspended_timestamp < $TIMESTAMP){
if(!QUICK_STATUS_CHECK($DB,$Login_Information->id,$TIMESTAMP)){
$_SESSION["USER_ID"] = $Login_Information->id;
$USER_ID = $Login_Information->id;
$DB->query("UPDATE members SET account_status='0' WHERE id='$USER_ID'");
$DB->query("UPDATE members SET last_action='$TIMESTAMP' WHERE id='$USER_ID'");
}else{
$Login_Error = "YOU ARE CURRENTLY LOGGED IN ALREADY";
}
}else{
$Login_Error = "ACCOUNT SUSPENDED FOR 24 HOURS";
}
}else{
$Login_Error = "ACCOUNT BANNED";
}
}else{
$Login_Error = "INCORRECT ACCOUNT INFORMATION";
}
}
if($USER_ID){
TEMPLATE(0,0);
SMOOTH_REDIRECT("Redirecting","index.php");
TEMPLATE(1,0);
}else{
LOGIN_FORCE($USER_ID, $Login_Error);
}
break;
The code above works 100%, I just want to see if I missed any security things or programmed it crappy
Problems generating word documents on server side for security reasons
I have a problem with word documentation generation when generating a word document (docx) with PHP. I am doing this for security reasons, as I do not want people to be able to directly access a file
reorder sql query
ok so i have this very simple code:Code: $query = "SELECT search_keywords, COUNT(search_keywords) AS counter FROM phpbb_popsearch GROUP BY search_keywords ORDER BY counter DESC limit 5";
tell csv import script to ignore blank rows?
Hi i have the below script but i get an error if a row is blank ie a return in the csv file at the end i need to somehow tell it to skip the rows that have nothing on them:Code: <?php // define
curl javascript problem
Hi Experts.I'm new curl and wanna to get some info from this http://www.amadeus.net/when user enter some city name,the page suggest a list and then user select one of them.then user click a button and
Help =( !! Upload Pics [PHP script]
HelloI need help with a php script [MULTIPLE UPLOAD IMAGES] , where I want to add a feature (watermark the uploaded pictures) , thats mean its watermark & upload in the same time . look this
1,000 select boxes with 100 options?!
I have 1 drop down select box with 1,000 options.In some case, there will be 100+ of these select boxes, with absolutely identical options.Is there any way to avoid repeating 1,000 options for 100
Mass activity scheduling
Hi experts,
Move array index to end
Hey guys, Quick question: I have an array that looks like this:Code: [Select]$var = array( 'name' => 'thename', 'title' => 'thetitle', 'media'
how can we add data from dynamic fields to mysql db in php
i have a script which i found on the internet. i modify that script according to my needs. what is in that script is there are three form fields with two buttons. one button is "Give me more
Seperate team from score
I am writing a site that does a NFL Pick 'em type application and I have a feed that gives me the scores of the NFL games every week I have it split apart down to each game two teams and a score