Can anyone help with this code?
Code: Select all
<?php
define('SQL_USER', 'username');
define('SQL_PASS', 'password');
define('SQL_DB', 'mydb');
// Create a link to the database server
$link = mysql_connect('localhost', 'username', 'password');
if(!$link) :
die('Could not connect: ' . mysql_error());
endif;
// Select a database where our member tables are stored
$db = mysql_select_db(SQL_DB, $link);
if(!$db) :
die ('Can\'t connect to database : ' . mysql_error());
endif;
session_start();
if(isset($_POST['submit'])) :
$username = strip_tags($_POST['username']);
$password = strip_tags($_POST['password']);
// Make the query a wee-bit safer
$query = sprintf("SELECT L_ID, access FROM login WHERE user = '%s' AND pass = '%s' LIMIT 1;", mysql_real_escape_string($username), mysql_real_escape_string($password));
$result = mysql_query($query);
if(1 != mysql_num_rows($result)) :
// MySQL returned zero rows (or there's something wrong with the query)
header('Location: Login.html?msg=login_failed');
else :
// We found the row that we were looking for
$row = mysql_fetch_assoc($result);
// Register the user ID for further use
$_SESSION['member_ID'] = $row['L_ID'];
header('Location: members-area.php');
endif;
endif;
?>