-
Notifications
You must be signed in to change notification settings - Fork 1
/
login.php
74 lines (53 loc) · 1.61 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
<?php
session_start();
require_once "dblog.php";
require_once "security.php";
$db_server = mysql_connect($db_hostname, $db_username, $db_password);
if(!$db_server) die ("Unable to connect to MySQL: " . mysql_error());
mysql_select_db($db_database)
or die("Unable to select database: " . mysql_error());
$username;
$password;
if(isset($_POST['username']) && isset($_POST['password']))
{
$username = sanitizeString($_POST['username']);
$password = sanitizeString($_POST['password']);
$query = "SELECT username, password FROM users WHERE username ='$username'
AND password = '$password'";
$result = mysql_query($query);
if(!$result) die ("Database access failed: " . mysql());
$row = mysql_fetch_row($result);
if($username == $row[0] && $password == $row[1])
{
echo "Login succesful, click <a href=\"home.php\"> here </a>";
$_SESSION["username"] = $username;
$_SESSION["password"] = $password;
}
else
{
echo "login information is incorrect";
$_SESSION["username"] = $username;
$_SESSION["password"] = $password;
}
}
echo <<< _END
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<link rel="stylesheet" href="http://www.w3.org/StyleSheets/Core/Chocolate" type="text/css">
<title>LinkGeet login</title>
</head>
<body>
<h1> LinkGit! </h1>
<h2> Keep track, share, discover.</h2>
<form method="post" action"login.php">
username: <input type="text" name="username" /> <br>
password: <input type="password" type="text" name="password" /> <br>
<input type="submit">
</form>
<a href="register.php">Sign Up</a>
</body>
</html>
_END;
?>