OPINIONS WANTED
Posted on
16th Feb 2014 07:03 pm by
admin
This is my login page code, and I want your opinion on it please!
Code: // Login ~ CHECKS THE (USERNAME/PASSWORD) ENTERED BY THE USER THEN EITHER GRANTS ACCESS OR DENIEDS ACCESS
case "Login":
if(!preg_match("/^[a-z0-9]{2,20}$/i", $_POST["F_1_Login_Username"]) || !preg_match("/^[a-z0-9]{2,20}$/i", $_POST["F_1_Login_Password"])){
$Login_Error = "INCORRECT ACCOUNT INFORMATION";
}
if(!$Login_Error){
$Login_Username = $DB->real_escape_string($_POST["F_1_Login_Username"]);
$Login_Password = $DB->real_escape_string(md5($_POST["F_1_Login_Password"]));
$Login_Check = $DB->query("SELECT id,username,account_status,suspended_timestamp FROM members WHERE username='$Login_Username' && password='$Login_Password'");
$Login_Status = $Login_Check->num_rows;
$Login_Information = $Login_Check->fetch_object();
if($Login_Status){
if($Login_Information->account_status == 0){
if(!QUICK_STATUS_CHECK($DB,$Login_Information->id,$TIMESTAMP)){
$_SESSION["USER_ID"] = $Login_Information->id;
$USER_ID = $Login_Information->id;
$DB->query("UPDATE members SET last_action='$TIMESTAMP' WHERE id='$USER_ID'");
}else{
$Login_Error = "YOU ARE CURRENTLY LOGGED IN ALREADY";
}
}elseif($Login_Information->account_status == 1){
if($Login_Information->suspended_timestamp < $TIMESTAMP){
if(!QUICK_STATUS_CHECK($DB,$Login_Information->id,$TIMESTAMP)){
$_SESSION["USER_ID"] = $Login_Information->id;
$USER_ID = $Login_Information->id;
$DB->query("UPDATE members SET account_status='0' WHERE id='$USER_ID'");
$DB->query("UPDATE members SET last_action='$TIMESTAMP' WHERE id='$USER_ID'");
}else{
$Login_Error = "YOU ARE CURRENTLY LOGGED IN ALREADY";
}
}else{
$Login_Error = "ACCOUNT SUSPENDED FOR 24 HOURS";
}
}else{
$Login_Error = "ACCOUNT BANNED";
}
}else{
$Login_Error = "INCORRECT ACCOUNT INFORMATION";
}
}
if($USER_ID){
TEMPLATE(0,0);
SMOOTH_REDIRECT("Redirecting","index.php");
TEMPLATE(1,0);
}else{
LOGIN_FORCE($USER_ID, $Login_Error);
}
break;
The code above works 100%, I just want to see if I missed any security things or programmed it crappy
No comments posted yet
Your Answer:
Login to answer
344 
5 
Other forums
The control with ID 'ace' requires a ScriptManager on the page
I'm trying to add a simple AlwaysVisibleControlExtender to my page, but it's not working. I get the
php is not recognized as an internal or external command
Hello,
I am trying to bake the code in CakePHP through my console.
I have changed my Path
There was a problem with the request. (Code: 0)
Any Idea what could cause this? I get it randomly at best. But with both IE and FF. It derives from
Multiple forms on the same page (safari)
Hello everyone,
I have 3 forms on the same page, that opens in a new window and submits to a
getting rid of quotes in strings
sick of trying to deal with them in multiple ways (entering in and taking from database, echoing, ec
php calculate
this code echoes correctly the sum but the inserted result is 0??
Code: <?php
$TotalNum
Displaying data from database into a 2 dimensional table
Good day!
I'm a beginner in PHP and I'm not expecting a full coding for this qestion. I'm jus
The page should be expire when cilck back button
hi,
i'm new to php world.
i create user registration page.
when i submit it,data goes to my
Structure Question - One Table or One Table Per Record Set?
I have a web app (mySQL and PHP) which allows people to create an item with up to 200 records which
Blocking video streaming
Hello everyone,
I post a message here because i didn't find any solution yet.
I just finis
