Code: Select all
<?php
error_reporting(E_ALL);
// If there is no cookie presesnt
if (!isset($_COOKIE['cookie_info'])) {
// Variables that data come from the form
$username = $_POST["user"];
$password = $_POST["pass"];
// Check if username and password where submitted
if (!$username) {
echo "Please enter username"; exit;
}
if (!$password) {
echo "Please enter password"; exit;
}
// Use Connect Script
include("connect.php");
// MD5 Username and Password
$username = MD5($username);
$password = MD5($password);
// Check if username exists. If not then say no such username.
$issuchusername = mysql_query("SELECT * FROM userdata WHERE userid = '$username'");
$usernamelogin = mysql_num_rows($issuchusername);
// If username exists
if ($usernamelogin == 1) {
$issuchpassword = mysql_query("SELECT * FROM userdata WHERE userid = '$username' AND userpass = '$password'");
$passwordlogin = mysql_num_rows($issuchpassword);
// If password is correct
if ($passwordlogin == 1) {
$time = time();
$cookie_data = $username.'-'.$password;
if(setcookie ("cookie_info",$cookie_data, $time+3600)==TRUE) {
}
else {
echo "You computer does not support cookies. <BR> To view other pages after logged in you need to have cookies enabled.<BR>";
}
}
else {
echo "Incorrect username/password";
exit;
}
}
else {
echo "Incorrect username/password";
exit;
}
}
// End if no cookie present
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Login</title>
<script language="JavaScript">
<!--
function FP_swapImg() {//v1.0
var doc=document,args=arguments,elm,n; doc.$imgSwaps=new Array(); for(n=2; n<args.length;
n+=2) { elm=FP_getObjectByID(args[n]); if(elm) { doc.$imgSwaps[doc.$imgSwaps.length]=elm;
elm.$src=elm.src; elm.src=args[n+1]; } }
}
function FP_preloadImgs() {//v1.0
var d=document,a=arguments; if(!d.FP_imgs) d.FP_imgs=new Array();
for(var i=0; i<a.length; i++) { d.FP_imgs[i]=new Image; d.FP_imgs[i].src=a[i]; }
}
function FP_getObjectByID(id,o) {//v1.0
var c,el,els,f,m,n; if(!o)o=document; if(o.getElementById) el=o.getElementById(id);
else if(o.layers) c=o.layers; else if(o.all) el=o.all[id]; if(el) return el;
if(o.id==id || o.name==id) return o; if(o.childNodes) c=o.childNodes; if(c)
for(n=0; n<c.length; n++) { el=FP_getObjectByID(id,c[n]); if(el) return el; }
f=o.forms; if(f) for(n=0; n<f.length; n++) { els=f[n].elements;
for(m=0; m<els.length; m++){ el=FP_getObjectByID(id,els[n]); if(el) return el; } }
return null;
}
// -->
</script>
</head>
<body>
<?php
// Use Connect Script
include("connect.php");
// Use cookie and Extract the cookie data (Username and Password)
$cookie_info = explode("-", $_COOKIE['cookie_info']);
$namecookie = $cookie_info[0];
$passcookie = $cookie_info[1];
if (!isset($_COOKIE['cookie_info'])) {
$namecookie = $_POST["user"];
$passcookie = $_POST["pass"];
// MD5 Username and Password
$namecookie = MD5($namecookie);
$passcookie = MD5($passcookie);
}
// Check if username exists. If not then say no such username.
$issuchusername = mysql_query("SELECT * FROM userdata WHERE userid = '$namecookie'");
$usernamelogin = mysql_num_rows($issuchusername);
// If username exists
if ($usernamelogin == 1) {
$issuchpassword = mysql_query("SELECT * FROM userdata WHERE userid = '$namecookie' AND userpass = '$passcookie'");
$passwordlogin = mysql_num_rows($issuchpassword);
// If password is correct
if ($passwordlogin == 1) {
// User is now logged in, display details of user
// Get details of user from Database and put them in variables
$query = mysql_query("SELECT * FROM userdata WHERE userid = '$namecookie'");
$nameuser = mysql_result($query,0,13);
$name = mysql_result($query,0,2);
$address = mysql_result($query,0,3);
$suburb = mysql_result($query,0,4);
$state = mysql_result($query,0,5);
$postcode = mysql_result($query,0,6);
$phone1 = mysql_result($query,0,7);
$phone2 = mysql_result($query,0,8);
$emailaddress = mysql_result($query,0,9);
$joineddate = mysql_result($query,0,10);
echo "<B>Welcome $nameuser <BR>You are now Logged in</B><BR><BR>";
?>
<form action="x/updateuser.php" method="POST">
<?
// Make the table displaying details of user and a update and reset button
echo "
<table border='0' width='100%' id='table1' height='300'>
<tr>
<td width='115'><font face='Tahoma'>Username:</td>
<td> <font face='Tahoma'>$nameuser </font></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>Name:</td>
<td> <font face='Tahoma'>$name </font></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>Address:</td>
<td> <font face='Tahoma'>$address </font></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>Suburb/City:</td>
<td> <font face='Tahoma'>$suburb </font></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>State:</td>
<td> <font face='Tahoma'>$state </font></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>Postcode:</td>
<td> <font face='Tahoma'>$postcode </font></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>Phone #1:</td>
<td> <font face='Tahoma'>$phone1 </font></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>Phone #2:</td>
<td> <font face='Tahoma'>$phone2 </font></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>Email Address:</td>
<td> <font face='Tahoma'>$emailaddress </font> </td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>Joined Date:</font></td>
<td> <font face='Tahoma'>$joineddate </font></td>
</tr>
</table>";
?>
</form>
<a href="x/login.php">Login Home</a>
<a href="x/updateuser.php">Update my Details</a>
<a href="x/changepassword.php">Change my Password</a>
<a href="x/logout.php">Logout</a><p><br>
<?php
// Check how many people are online
// Grab the number of people online now
$numberofpeopleonlinecount = mysql_query("SELECT * FROM usersonline");
$numberofpplonline = mysql_num_rows($numberofpeopleonlinecount);
// Check if user is on online list
$isthisuseronline = mysql_query("SELECT * FROM usersonline WHERE username = '$nameuser'");
$isuseronline = mysql_num_rows($isthisuseronline);
// If user is not on list then add them
if ($isuseronline == 0) {
echo "Adding User to online user list<BR>";
mysql_query("INSERT INTO usersonline VALUES ('$nameuser')");
// Print the number of users online
$numberofpeopleonlinecount = mysql_query("SELECT * FROM usersonline");
$numberofpplonline = mysql_num_rows($numberofpeopleonlinecount);
echo "Current Users Online: ";
for ($i = 0; $i < $numberofpplonline; $i++) {
$isonlinequery = mysql_query("SELECT * FROM usersonline");
$useronline = mysql_result($isonlinequery,$i,0);
// Print current username gotten from i
echo "$useronline ";
}
}
// Get all users online
else {
// Print the number of users online
echo "Current Users Online: ";
for ($i = 0; $i < $numberofpplonline; $i++) {
$isonlinequery = mysql_query("SELECT * FROM usersonline");
$useronline = mysql_result($isonlinequery,$i,0);
// Print current username gotten from i
echo "$useronline ";
}
}
// Print the number of users online
echo "<BR> There are $numberofpplonline Users Online <BR>";
// If user and password are not correct print error message
}
else {
echo "Incorrect username/password";
exit;
}
}
else {
echo "Incorrect username/password";
exit;
}
// End Login
?>
</body>
</html>Code: Select all
Warning: Cannot modify header information - headers already sent by (output started at C:\apache\www\index.php:8) in C:\apache\www\member.php on line 40
You computer does not support cookies.
To view other pages after logged in you need to have cookies enabled.
Notice: Undefined index: cookie_info in C:\apache\www\member.php on line 99
Notice: Undefined offset: 1 in C:\apache\www\member.php on line 101
Welcome killer
You are now Logged in