index.php
Code: Select all
<form action="veri.php" method="POST">
<table border="0" width="50%" cellspacing="1" cellpadding="4" bgcolor="#000000">
<tr valign="top">
<td width="100%" bgcolor="#456789" align="center" colspan="2"><font face="verdana" size="3" color="#FFFFFF"><b>D-Frame.co.uk Control Panel Login...</b></font></td>
</tr>
<tr>
<td width="35%" bgcolor="#F9F9F9" align="center"><font face="verdana" size="2">Username:</font><br><font face="verdana" size="1">[<a href="./register.php">Register</a>]</font></td>
<td width="65%" bgcolor="#F9F9F9" align="center"><input type="text" name="username"></td>
</tr>
<tr>
<td width="35%" bgcolor="#F9F9F9" align="center"><font face="verdana" size="2">Password:</font></td>
<td width="65%" bgcolor="#F9F9F9" align="center"><input type="password" name="password"></td>
</tr>
<tr valign="top">
<td width="100%" bgcolor="#345678" align="center" colspan="2"><input type="submit" value="Login..."></td>
</tr>
</table>
</form>Code: Select all
<?php
if ((!$_POST[username]) || (!$_POST[password])) {
?>
<html>
<head>
<title>D-Frame.co.uk Control Panel Login</title>
</head>
<body bgcolor="#C9C9C9" text="#000000" link="#000000" vlink="#000000" alink="#000000">
<center>
<table border="0" width="50%" cellspacing="1" cellpadding="4" bgcolor="#000000">
<tr valign="top">
<td width="100%" bgcolor="#456789" align="center"><font face="verdana" size="3" color="#FFFFFF"><b>D-Frame.co.uk Control Panel Login...</b></font></td>
</tr>
<tr>
<td width="100%" bgcolor="#F9F9F9" align="center"><font face="verdana" size="2">You didn't fill in all the forms. <a href="./index.php">Go Back</a></font></td>
</tr>
</table>
<font face="verdana" size="1">Copyright ©<a href="mailto:dalehay@gmail.com">D-Frame.co.uk</a>, 2004</font>
</center>
</body>
</html>
</php
exit;
}
$conn = mysql_connect("localhost", "dframe_dale", "********") or die(mysql_error());
mysql_select_db("dframe_dforum",$conn) or die(mysql_error());
// $sql = "SELECT username, password FROM users WHERE username = '$_POST[username]' AND password = password('$_POST[password]')";
$result = mysql_query($sql,$conn) or die(mysql_error());
if (mysql_num_rows($result) == 1) {
$username = mysql_result($result, 0, 'username');
// I god damn hate cookies!
setcookie("access", "1", time()+3600, "/", "d-frame.co.uk", 0);
// OH for fu.. bleedin hell, not only does this require cookies but SESSIONs TOO! *grumbles*
session_start();
$_SESSION[username] = "$_POST[username]";
?>
<html>
<head>
<title>D-Frame.co.uk Control Panel Login</title>
</head>
<body bgcolor="#C9C9C9" text="#000000" link="#000000" vlink="#000000" alink="#000000">
<center>
<table border="0" width="50%" cellspacing="1" cellpadding="4" bgcolor="#000000">
<tr valign="top">
<td width="100%" bgcolor="#456789" align="center"><font face="verdana" size="3" color="#FFFFFF"><b>D-Frame.co.uk Control Panel Login...</b></font></td>
</tr>
<tr>
<td width="100%" bgcolor="#F9F9F9" align="center"><font face="verdana" size="2">Thanks <?php echo "$_SESSION[username]"; ?> for logging in!<br>[<a href="./membercp/">Proceed...</a>]</font></td>
</tr>
</table>
<font face="verdana" size="1">Copyright ©<a href="mailto:dalehay@gmail.com">D-Frame.co.uk</a>, 2004</font>
</center>
</body>
</html>
<?php
} else {
?>
<html>
<head>
<title>D-Frame.co.uk Control Panel Login</title>
</head>
<body bgcolor="#C9C9C9" text="#000000" link="#000000" vlink="#000000" alink="#000000">
<center>
<table border="0" width="50%" cellspacing="1" cellpadding="4" bgcolor="#000000">
<tr valign="top">
<td width="100%" bgcolor="#456789" align="center"><font face="verdana" size="3" color="#FFFFFF"><b>D-Frame.co.uk Control Panel Login...</b></font></td>
</tr>
<tr>
<td width="100%" bgcolor="#F9F9F9" align="center"><font face="verdana" size="2">We couldn't log you in because either the username or password you supplied couldn't be found in the database. <a href="./index.php">Go Back</a></font></td>
</tr>
</table>
<font face="verdana" size="1">Copyright ©<a href="mailto:dalehay@gmail.com">D-Frame.co.uk</a>, 2004</font>
</center>
</body>
</html>
<?php
exit;
}
?>