New Login Script
Posted on
16th Feb 2014 07:03 pm by
admin
Hi all, i attempted to create a whole new login script witch isnt working for some reason i dont know why. When i put the users details and then press submit, it just refreshes the page, even when i put the wrong details in it still does the same..
<?php
session_start();
include_once"config.php";
if (strip_tags($_GET['logout']) == "yes"){
session_destroy();
}elseif (isset($_SESSION['username'])){
header("Location: index2.php");
exit();
}
if ($_POST['Submit'] && strip_tags($_POST['username']) && strip_tags($_POST['password'])){
$username = addslashes(strip_tags($_POST['username']));
$password = addslashes(strip_tags($_POST['password']));
$ip = $REMOTE_ADDR;
///check INFO
$sql = mysql_query("SELECT * FROM allmembers WHERE username='$username' AND password='$password' LIMIT 1");
$login_check = mysql_num_rows($sql);
$inf = mysql_fetch_object($sql);
if ($login_check == "0"){
$message="You could not be logged in";
}elseif ($login_check != "0"){
if ($login_check > "0"){
if ($inf->status == "Dead"){
include_once"dead.php";
exit();
}
if ($inf->status == "Banned"){
$encoded=md5(strtolower($username));
header("Location: banned.php?banned=$username&encoded=$encoded");
exit();
}
session_register('username');
$_SESSION['username'] = $inf->username;
$timestamp = time()+60;
mysql_query("UPDATE allmembers SET online='$timestamp' WHERE username='$username'");
mysql_query("UPDATE allmembers SET l_ip='$ip' WHERE username='$username'");
header("Location: members.php");
} else {
$message= "You could not be logged in.<br />";
}}}
$total_regged=mysql_num_rows(mysql_query("SELECT * FROM allmembers"));
$admins=mysql_num_rows(mysql_query("SELECT * FROM allmembers WHERE userlevel='2'"));
$mods=mysql_num_rows(mysql_query("SELECT * FROM allmembers WHERE userlevel='1'"));
$iti=mysql_fetch_object(mysql_query("SELECT * FROM site_stats WHERE id='1'"));
$most=$iti->online;
?>
Thats all the php code for my login system.
Thanks for your help.
No comments posted yet
Your Answer:
Login to answer
219
7
Other forums
SQL Injection
In my attempts to protect my database from mySQL injection I have created another problem for myself
Why is this query failing?
Why is this not working?
$query = "SELECT * FROM `users` WHERE `userid` = " . $USERID
i need help with php header and footer
I have designed a header and footer for my site and they seem to be ok when they are running individ
Progress bar for webpage
Hi,
I want to implement a progress/waiting bar on my webpage - exactly the same thing that the Mi
Casting Decimals in Oracle
This code worked as a query in DB2, but I am not sure what the syntax is for casting decimals in Ora
error checking breaking my code
Hi there, OK first of all, big apologies for what I assume is really fundamental errors in the struc
Linux socket programming
Where can I find a good introduction to socket programming?
include function being weird?
I have a very simple system to grab an IP outputted by a PHP file.. (for a project I have) but it ou
Consuming MII WebService in Java WebDynpro
Hello,
We are facing a strange situation...
We define a transaction in MII to
Random date selection
i want to select random date with time(hour+minutes+sec) where date is specified(10/22/2009) and tim