Code: Select all
<?php
include"config.inc";
require_once("DB.php");
session_start();
$formuser = $HTTP_POST_VARSї'formuser'];
$formpass = $HTTP_POST_VARSї'formpass'];
$formemail = $HTTP_POST_VARSї'formemail'];
function loginUser($name, $pass)
{
global $host, $user, $password, $database;
$epass = encrypt($pass);
$db = new DB($host, $user, $password, $database);
//open a connection
if(!$db->open()){
die($db->error());
}
if(!$db->query("SELECT id FROM user WHERE username = '$name' AND password = '$epass'")){
die($db->error());
}
// if row exists - login/pass is correct
if ($db->numRows()== 1)
{
// register the user's ID
list($id) = $db->fetchArray();
session_start();
$SESSION_UID = $id;
if(session_register($SESSION_UID)){
echo ("success");
}else{
echo ("failed");
}
}
echo $db->numRows();
$db->freeResult();
$db->close();
}
function encrypt($item)
{
return (md5($item));
}
switch($HTTP_GET_VARSї'act'])
{
case "login":
loginUser($formuser, $formpass);
break;
case "logout":
logoutUser();
break;
case "new":
newUser($formname, $formpass, $formemail);
break;
case "update":
updateUser($SESSION_UID);
break;
case "view":
viewUser($formname);
break;
case "delete":
viewUser($formname);
break;
default:
//if they havent specified an action send them to index.php
header("Location: http://avalon/");
exit();
}
?>