Code: Select all
<?php
include("includes/config.php");
$connection = mysql_connect($hostname, $user, $pass) or die ("Unable to connect to MySQL Database!");
$query = "SELECT * FROM accounts WHERE login = '$uname' AND password = PASSWORD('$password')";
$result = mysql_db_query($database, $query, $connection);
if (mysql_num_rows($result) == 1)
{
session_start();
session_register("client_id");
session_register("client_name");
session_register("client_login");
session_register("client_email");
session_register("client_type");
list($clientid, $name, $login, $pass, $email, $type) = mysql_fetch_row($result);
$client_id = $clientid;
$client_name = $name;
$client_login = $login;
$client_email = $email;
$client_type = $type;
header("Location: main.php");
mysql_free_result ($result);
mysql_close($connection);
}
else
{
mysql_free_result ($result);
mysql_close($connection);
header("Location: index.html");
exit;
}
?>If the person isn't admin but has logged in successfully they should goto client.php
Can you help?
Also...is this login script any good ?