Code: Select all
$_SESSION['password']=md5(trim($_POST['password']));
$_SESSION['username']=$_POST['username'];
if (!isset($_SESSION['loggedin'])) {
$query="select * from `upass` where `username` = '".$_SESSION['username']."' and `password` = '".$_SESSION['password']."'";
$result=$db->query($query);
if ($result->num_rows<1) {
echo "<font color='red'>ERROR: Incorrect username or password. Please re-enter:</font><br /><br />
<form action='login.php' method='post'>
<input type='submit' value='Retry'>
</form>";
exit;
} else {
$_SESSION['loggedin']=TRUE;
}
}
////////
Remaining script here to display page if logged in successfully
///////
Code: Select all
if (!isset($_SESSION['loggedin'])) {
echo "<font color='red'>ERROR: You must be logged in to view this page.</font><br /><br />
<form action='login.php' method='post'>
<input type='submit' value='Log In'>
</form>";
exit;
}
////////
Remaining script here to display page if logged in successfully
///////
Suggestions?
Thanks in advance -
sleepydad