/
login.php
86 lines (66 loc) · 1.59 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
<?php
require_once('includes/globals.inc');
$refer = $_GET['refer'];
$printForm = 1;
if(isset($_POST['loginName']) && isset($_POST['loginPass']))
{
mysqlSetup();
escapes('loginName', $_POST['loginName']);
escapes('loginPass', $_POST['loginPass']);
$sqlquery = "SELECT `category` FROM `pb_users` WHERE `name` = '$mloginName' AND "
. "`password` = '$mloginPass'";
$result = mysql_query($sqlquery) or die('Invalid query: ' . mysql_error());
if(!mysql_num_rows($result))
{
emitTop('Peanut Butter -> Login', $refer);
?>
<p><em>Invalid username/password.</em></p>
<?php
}
else
{
$printForm = 0;
$row = mysql_fetch_row($result);
session_start('login');
$_SESSION['loggedIn'] = 1;
$_SESSION['userName'] = $loginName;
$_SESSION['userType'] = $row[0];
session_write_close();
emitTop('Peanut Butter -> Logged In', $refer);
?>
<script type="text/javascript">
document.location = "<?php echo $refer;?>";
</script>
<?php emitBottom();?>
<?php
}
mysql_close();
}
elseif(isset($_POST['loginName']) || isset($_POST['loginPass']))
{
?>
<p><em>Missing information.</em></p>
<?php
}
if($printForm)
{
emitTop('Peanut Butter -> Login Form', $refer);
?>
<form name="loginForm" method="post" action="<?php echo $_SERVER['PHP_SELF'];?>?refer=<?php echo $refer;?>">
<h3>Please enter username and password</h3>
<table>
<tr>
<th>Username:</th>
<td><input type="text" name="loginName" size="15" /></td>
</tr>
<tr>
<th>Password:</th>
<td><input type="password" name="loginPass" size="15" /></td>
</tr>
</table>
<input type="submit" name="Login" value="Login" />
</form>
<?php
}
?>
<?php emitBottom();?>