OPINIONS WANTED
Posted on
16th Feb 2014 07:03 pm by
admin
This is my login page code, and I want your opinion on it please!
Code: // Login ~ CHECKS THE (USERNAME/PASSWORD) ENTERED BY THE USER THEN EITHER GRANTS ACCESS OR DENIEDS ACCESS
case "Login":
if(!preg_match("/^[a-z0-9]{2,20}$/i", $_POST["F_1_Login_Username"]) || !preg_match("/^[a-z0-9]{2,20}$/i", $_POST["F_1_Login_Password"])){
$Login_Error = "INCORRECT ACCOUNT INFORMATION";
}
if(!$Login_Error){
$Login_Username = $DB->real_escape_string($_POST["F_1_Login_Username"]);
$Login_Password = $DB->real_escape_string(md5($_POST["F_1_Login_Password"]));
$Login_Check = $DB->query("SELECT id,username,account_status,suspended_timestamp FROM members WHERE username='$Login_Username' && password='$Login_Password'");
$Login_Status = $Login_Check->num_rows;
$Login_Information = $Login_Check->fetch_object();
if($Login_Status){
if($Login_Information->account_status == 0){
if(!QUICK_STATUS_CHECK($DB,$Login_Information->id,$TIMESTAMP)){
$_SESSION["USER_ID"] = $Login_Information->id;
$USER_ID = $Login_Information->id;
$DB->query("UPDATE members SET last_action='$TIMESTAMP' WHERE id='$USER_ID'");
}else{
$Login_Error = "YOU ARE CURRENTLY LOGGED IN ALREADY";
}
}elseif($Login_Information->account_status == 1){
if($Login_Information->suspended_timestamp < $TIMESTAMP){
if(!QUICK_STATUS_CHECK($DB,$Login_Information->id,$TIMESTAMP)){
$_SESSION["USER_ID"] = $Login_Information->id;
$USER_ID = $Login_Information->id;
$DB->query("UPDATE members SET account_status='0' WHERE id='$USER_ID'");
$DB->query("UPDATE members SET last_action='$TIMESTAMP' WHERE id='$USER_ID'");
}else{
$Login_Error = "YOU ARE CURRENTLY LOGGED IN ALREADY";
}
}else{
$Login_Error = "ACCOUNT SUSPENDED FOR 24 HOURS";
}
}else{
$Login_Error = "ACCOUNT BANNED";
}
}else{
$Login_Error = "INCORRECT ACCOUNT INFORMATION";
}
}
if($USER_ID){
TEMPLATE(0,0);
SMOOTH_REDIRECT("Redirecting","index.php");
TEMPLATE(1,0);
}else{
LOGIN_FORCE($USER_ID, $Login_Error);
}
break;
The code above works 100%, I just want to see if I missed any security things or programmed it crappy
No comments posted yet
Your Answer:
Login to answer
344 
5 
Other forums
change text color with a jQuery code
Hihow can I change the text in a asp:TextBox to a different color when I start typing using jQuery?I
Schedule editor
Hi,
I have a question related to Schedule editor.
If we schedule a BLS for every 30
Can't get the unicode character
I'm trying to get some text from various parts of a file. I have converted the file to hex (bin2hex)
login box shows up again after logging in 2nd login works
Hello,
I am having trouble on my site Lockerz.rack111.com where when you login the login box
help with Get_
ok some how this is not working i am not sure what i am doing wrong here but what this does is when
disable all input buttons
Hello Friends,
suppose i do have a file ( file.php ) has a submit button
Code: [Sele
Save cookie to DB
I'm working on a pixel tracking script for an incentive website and I need to use an ASP script to s
(sub)screen resize modification doesn't work after ECC 6 EhP 4 installation
Hello,
We have previously extended the size of the custom data tab on PO transaction ME23
MII Netweaver Server stopped due to CPIC connection Problem
Dear Experts,
We have SAP XMII 12.0 setup running on Netweaver 2004s,7.0, Java Stack only.
Could Someone Please Debug This?
I was wondering if someone could debug this script for me. I realize it's not the tidest script (and
