The code for the index is:
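<?php
// Login / logout handling for the index page. Everything here runs before
// any output is sent, so the session cookie can still be replaced.
session_start();
include 'boardroom/db_conn.php';
include '/var/www/html/functions/security.php';

// Logout: test for the parameter first so a plain page load does not raise
// an undefined-index notice.
if (isset($_GET['logout']) && $_GET['logout'] === '1')
{
    $_SESSION = array();
    session_destroy();
}

// Login attempt: both fields must be present and must be plain strings
// (a request can submit email[]=... and turn either field into an array).
if (isset($_POST['email']) && isset($_POST['password'])
    && is_string($_POST['email']) && is_string($_POST['password']))
{
    // NOTE(review): makeSafe() is defined in security.php and is not visible
    // here. The query below is built by string concatenation, so its safety
    // rests entirely on makeSafe() escaping for the MySQL connection in use
    // (e.g. mysql_real_escape_string) - confirm. Prepared statements via
    // mysqli/PDO would remove that dependency, but need db_conn.php changed.
    $email = makeSafe($_POST['email']);
    // NOTE(review): filtering the password before hashing changes what is
    // hashed; registration must apply the same transformation.
    $password = makeSafe($_POST['password']);
    if ((strlen($email) > 1) && (strlen($password) > 1))
    {
        // NOTE(review): unsalted SHA-1 is not suitable for password storage.
        // password_hash()/password_verify() are the replacement, but that
        // requires migrating the stored hashes, so it is left unchanged here.
        $password = sha1($password);
        $login = "SELECT email,name FROM users WHERE email='".$email."' AND password='".$password."'";
        $lq = mysql_query($login);
        if ($lq === false)
        {
            // Keep the database error in the server log. The previous
            // die() printed the full query (including the password hash)
            // and the MySQL error text to the visitor.
            error_log('Login query failed: '.mysql_error());
            die('Login is temporarily unavailable.');
        }
        $lr = mysql_fetch_assoc($lq);
        if (mysql_num_rows($lq) > 0)
        {
            // Issue a fresh session id on privilege change so an id that was
            // known before login cannot be reused afterwards.
            session_regenerate_id(true);
            $_SESSION['email'] = $email;
            $_SESSION['name'] = $lr['name'];
        }
    }
}

// Debug output. It is printed after the login handling because sending body
// output earlier prevents session_regenerate_id() from setting the new
// cookie. Remove before deployment: the session id should not appear in
// the page.
echo 'SID '.session_id();
?>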
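<html>
<head>
<title></title>
</head>
<body>
<h3></h3>
<br />
<?php
// Page body: a welcome block for a logged-in session, otherwise the login
// form (with the registration link unless the visitor has just registered).
if (isset($_SESSION['email']))
{
    // The name originates from the users table, i.e. from whatever was
    // entered at registration, so it is HTML-escaped before being echoed.
    echo 'Welcome to football '.htmlspecialchars($_SESSION['name'], ENT_QUOTES).'.';
    echo '<br />';
    echo '<p><a href="index.php?logout=1">Logout</a></p>';
    echo '<p><a href="predictions.php">Your Predictions</a></p>';
}
else
{
    // isset() avoids an undefined-index notice when no message is passed.
    if (isset($_GET['message']) && $_GET['message'] == 'thankyou')
    {
        echo '<p>Thank you for registering for football, you will receive an email with a reminder of your login information.</p>';
        $loginText = 'Please';
    }
    else
    {
        $loginText = 'If you are already registered with us please';
?>
<a href="register.php">New User? Click to Register</a>
<br /><br />
<?php
    }
?>
<form method="post" action="index.php">
<table>
<tr>
<td colspan="2">
<?php echo $loginText; ?> login using the form below.
</td>
</tr>
<tr>
<td>Username</td>
<td><input type="text" name="email" id="email"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password" id="password"></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="login" id="login" value="Login"></td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>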
predictions.php
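<?php
// Diagnostic page: resumes the session and reports whether a login is
// present. The SID and session dump are debugging aids and should be removed
// before deployment, since they expose the session id and its contents.
session_start();
echo 'SID '.session_id();
// Session values originate from user-supplied data, so the dump is escaped
// before it is written into the page.
echo htmlspecialchars(print_r($_SESSION, true), ENT_QUOTES);
if (isset($_SESSION['email']))
{
    // The name was entered at registration; escape it for HTML output.
    echo 'Logged in as '.htmlspecialchars($_SESSION['name'], ENT_QUOTES);
}
else
{
    echo 'Not logged in';
}
?>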