Here is the code for the login page:
Code: Select all
require "config2.php";
$arrErrors = array();
// login button has been pressed
if (isset($_POST['login'])) {
$username = mysql_real_escape_string($_POST['username']);
$password = md5(mysql_real_escape_string($_POST['password']));
if ($username == '') {
$arrErrors['username'] = 'Please enter your username.';
}
if ($password == '') {
$arrErrors['password'] = 'Please enter your password.';
}
$login_check = "SELECT * FROM users WHERE username= '$username'" or die ("Could not select database because: " . mysql_error());
$login_query = mysql_query ( $login_check ) or die ( 'Query failed because: ' . mysql_error () );
$login_result = mysql_result ( $login_query, 0, 0 );
if ($login_result == 1) {
setcookie ("username", $login_result[username]);
setcookie ("password", $login_result[password]);
header('Location: add_a_comment.php');
exit;
} else {
echo "<center>Sorry, you don't know who you are!</center>";
}
}
mysql_close();Code: Select all
session_start();
if (isset($_COOKIE['username']) && ($_COOKIE['password'])) {
print "You are logged in as: ".$_COOKIE['username'];
print "<a href=logout.php>Logout</a>";
} else {
print "You are not logged in. Please <a href=login.php>click here</a> to login.";
}