function db_login($user, $pass)
{
$login = "******";
$result = @mysql_query($login) or die('<pre>' . mysql_error() . '</pre>');
if ($result && mysql_num_rows($result) == 1) {
// Login Successful...
blobMessagePush("You have logged in as '" . $user . "'");
blobLogin($user);
blobRedirect('index.php');
}
}
blobPageStartup(array('notauthenticated'));
blobDatabaseConnect();
if (isset($_POST['Login'])) {
$user = $_POST['username'];
$user = stripslashes($user);
$user = mysql_real_escape_string($user);
$pass = $_POST['password'];
$pass = stripslashes($pass);
$pass = mysql_real_escape_string($pass);
$pass = md5($pass);
$qry = "SELECT * FROM `users` WHERE user='******' AND password='******';";
$result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
if ($result && mysql_num_rows($result) == 1) {
// Login Successful...
blobMessagePush("You have logged in as '" . $user . "'");
blobLogin($user);
$row = mysql_fetch_assoc($result);
if ($row["isadmin"] == "1") {
blobAdminLogin();
}
blobRedirect('index.php');
}
// Login failed
blobMessagePush("Login failed");
blobRedirect('login.php');
}
$forgotUrl = BLOB_WEB_PAGE_TO_ROOT . "forgot.php";
$page = blobPageNewGrab();
$page['title'] .= $page['title_separator'] . 'Login';
$page['page_id'] = 'login';
$page['onload'] = "onLoad=\"document.form.username.focus()\"";
