Code: Select all
<?php
if ((!$_POST[username]) || (!$_POST[password])) {
Print("Please hit back button and make sure all the fields are all filled in!");
}
#variables#
$db_address = "localhost";
$db_name = "pixelfriendly_com";
$table_name = "aprilacc";
$db_user = "pixel";
$db_pass = "***";
#connection#
$connection = @mysql_connect($db_address, $db_user, $db_pass) or die(mysql_error());
#select#
mysql_select_db($db_name) or die(mysql_error());
#
$sql = "SELECT * FROM $table_name WHERE GID = '$_POST[username]'
AND password = password('$_POST[password]')";
#results#
$result = @mysql_query($sql, $connection) or print("The ID or password is incorrect");
$num = mysql_num_rows($result); #think it starts here! the problem!
#
If ($num !=0) {
$cookie_name = "auth";
$cookie_value = "ok";
$cookie_expire = "0";
$cookie_domain = "http://game.pixelfriendly.com";
#
setcookie($cookie_name, $cookie_value, $cookie_expire, "/" , $cookie_domain, 0);
setcookie("user", $_POST[username], $cookie_expire, "/" , $cookie_domain, 0);
header("location: Http://game.pixelfriendly.com/account.php");
#
} else {
header("location: http://game.pixelfriendly.com/errorl.html");
exit;
}
?>