Code: Select all
<?php # Script 16.8 - login.php
// This is the login page for the site.
require_once ('../includes/config.inc.php');
require_once ('../../mysqli_connect.php');
include ('../includes/header.html');
if (isset($_POST['submitted'])) {
require_once (MYSQL);
// Validate the email address:
if (!empty($_POST['email'])) {
$e = mysqli_real_escape_string ($dbc, $_POST['email']);
} else {
$e = FALSE;
echo '<p class="error">You forgot to enter your email address!</p>';
}
// Validate the password:
if (!empty($_POST['pass'])) {
$p = mysqli_real_escape_string ($dbc, $_POST['pass']);
} else {
$p = FALSE;
echo '<p class="error">You forgot to enter your password!</p>';
}
if ($e && $p) { // If everything's OK.
// Query the database:
$q = "SELECT username, user_level FROM users WHERE (email='$e' AND pass=SHA1('$p')) AND active IS NULL";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
//$row = mysql_fetch_array($r);
//$username = $row['username'];
if (@mysqli_num_rows($r) == 1) { // A match was made.
// Register the values & redirect:
setcookie("email", $e, time()+3600);
//$_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC);
?>
<script language="javascript">
window.location = "http://www.liveequian.com/htdocs/pages/login_main.php";
</script>s
<?
//header("location: login_main.php");
mysqli_free_result($r);
mysqli_close($dbc);
ob_end_clean(); // Delete the buffer.
exit(); // Quit the script.
} else { // No match was made.
echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>';
}
} else { // If everything wasn't OK.
echo '<p class="error">Please try again.</p>';
}
mysqli_close($dbc);
} // End of SUBMIT conditional.
?>
<h1>Login</h1>
<p>Your browser must allow cookies in order to log in.</p>
<form action="login.php" method="post">
<fieldset>
<p><b>Email Address:</b> <input type="text" name="email" size="20" maxlength="40" /></p>
<p><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
<input type="hidden" name="submitted" value="TRUE" />
</fieldset>
</form>
<?php // Include the HTML footer.
include ('../includes/footer.html');
?>