// Three POST parameters: // $_POST['name'], $_POST['password'], $_POST['remember'] if (isset($_POST['name']) && isset($_POST['password'])) { $userdata = $db->getuserdata_login($_POST['name'], $_POST['password']); if ($userdata != NULL) { $_SESSION['username'] = $userdata['username']; $_SESSION['userid'] = generateRandID(); $_SESSION['userlevel'] = $userdata['userlevel']; $_SESSION['admin'] = $userdata['mod_admin']; $_SESSION['mod_array'] = $userdata['mod_array']; $_SESSION['mod_global'] = $userdata['mod_global']; if ($userdata['mod_global'] || $userdata['mod_array']) { $_SESSION['moderator'] = true; } // Update userid field $db->updateuser($_POST['name'], $_SESSION['userid']); } else { // Login error - show that in the template $sm->assign("loginerror", 1); } } //This checks to see if end user has even bothered to change the default email. No use giving a link to something that won't work. ~tyamzzz if (THprofile_emailaddr != "THIS IS NOT AN EMAIL") { $sm->assign("showreset", 1); } if (isset($_SESSION['username'])) { // Set logged-in vars $sm->assign("loggedin", 1); $sm->assign("username", $_SESSION['username']); } $sm->display("login.tpl", null);