function db_login($user, $pass) { $login = "******"; $result = @mysql_query($login) or die('<pre>' . mysql_error() . '</pre>'); if ($result && mysql_num_rows($result) == 1) { // Login Successful... blobMessagePush("You have logged in as '" . $user . "'"); blobLogin($user); blobRedirect('index.php'); } }
blobPageStartup(array('notauthenticated')); blobDatabaseConnect(); if (isset($_POST['Login'])) { $user = $_POST['username']; $user = stripslashes($user); $user = mysql_real_escape_string($user); $pass = $_POST['password']; $pass = stripslashes($pass); $pass = mysql_real_escape_string($pass); $pass = md5($pass); $qry = "SELECT * FROM `users` WHERE user='******' AND password='******';"; $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>'); if ($result && mysql_num_rows($result) == 1) { // Login Successful... blobMessagePush("You have logged in as '" . $user . "'"); blobLogin($user); $row = mysql_fetch_assoc($result); if ($row["isadmin"] == "1") { blobAdminLogin(); } blobRedirect('index.php'); } // Login failed blobMessagePush("Login failed"); blobRedirect('login.php'); } $forgotUrl = BLOB_WEB_PAGE_TO_ROOT . "forgot.php"; $page = blobPageNewGrab(); $page['title'] .= $page['title_separator'] . 'Login'; $page['page_id'] = 'login'; $page['onload'] = "onLoad=\"document.form.username.focus()\"";