<html>
<body>
<h1>LOGIN</h1></br>
<form action="login.php" method="post">
<b>ID </b><input type="text" name="id"></br>
<b>PW</b><input type="password" name="pw"></br></br>
<input type="submit" value="login"></br>
</form>
</body>
</html>
<?php
@session_start();
require_once "functions.php";
if (isset($_POST['id']) && isset($_POST['pw'])) {
$data = data_escape($_POST);
$res = mysql_query("select id from member where id='{$data['id']}' and pw='{$data['pw']}'");
$arr = mysql_fetch_array($res);
if ($arr['id']) {
$_SESSION['id'] = $data['id'];
echo "<script>document.location='./index.php';</script>";
} else {
echo "<script>alert('user not found');</script>";
}
}
public function get_comment_list()
{
$id = $this->metadata['id'];
$res = mysql_query("select comment,time from board where id='{$id}'");
echo "<table border=1><tr><td>comment</td><td>time</td>";
while ($row = mysql_fetch_array($res)) {
list($comment, $time) = self::board_unpack(array($row['comment'], $row['time']));
echo "<tr><td>";
echo $comment;
echo "</td><td>";
echo $time;
echo "</td></tr>";
}
echo "</table>";
}
}
if ($_SESSION) {
echo "<h2>--- WRITE YOUR COMMENT ---</h2>";
echo "<form action='' method='post'>";
echo "comment : <input type='text' name='comment'>";
echo "<input type='submit' value='add'>";
echo "</form>";
if ($_POST) {
$escape_post = data_escape($_POST);
$board_obj = new board($escape_post['comment'], 1);
$board_obj->write_comment_board();
}
$board_obj = new board("none", 1);
$board_obj->displayer();
echo "<h3><a href='logout.php'>logout</a></h3>";
}
