What wrong with this code
Posted: Mon Apr 10, 2006 7:40 am
The following code was working fine on my development platform php 4.4.2 but is now not working on the live site php 4.3.2.
Can anyone tell me what I've done wrong?
ps I'm using ez_sql as my db wrapper
Can anyone tell me what I've done wrong?
Code: Select all
<?PHP
ob_start();
include 'include/header.php';
if ($REQUEST_METHOD == 'POST')
{
$crypt = md5($_POST[password]);
if (!$db->query("SELECT * FROM users WHERE password = '$crypt' AND userName = '$_POST[userName]'"))
{
echo"<META HTTP-EQUIV=Refresh CONTENT=\"5; URL=login.php\">\n<h3>BAD PASSWORD TRY AGAIN</h3>";
}
else
{
$user = $db->get_row("SELECT * FROM users WHERE userName = '$_POST[userName]'");
/*Start login session and register variables*/
session_start();
session_register("sess_user");
$sess_user="$user->idusers";
session_register("sess_name");
$sess_name="$user->userName";
/*Insert a 1 to say user is online
$db->query("UPDATE users SET online = '1' WHERE iduser = '$sess_user'");*/
echo"<META HTTP-EQUIV=Refresh CONTENT=\"5; URL=index.php\">\n<h3>You're logged in as $sess_name</h3>";
}
}
else
{
?>
<!--Main Content //-->
<h2>Log in Please</h2>
<form name="login" action="login.php" method="post">
<table cellspacing="1">
<tr><td><p>Your Username</p></td></tr>
<tr><td><input type="text" name="userName" maxlength="30"></td></tr>
<tr><td><p>Password</p></td></tr>
<tr><td><input type="password" name="password" maxlength="30"></td></tr>
<tr><td><input type="submit" name="login" value="Login"></td></tr>
</table>
</form>
<!--Main Content ends //-->
<?PHP
}//close the above if statement
include 'include/footer.php';
?>