|
|
|
@@ -15,6 +15,7 @@ if (isset($_SESSION['userid']) && ($_SESSION['access'])){ |
|
|
|
} |
|
|
|
$sqllogin = "SELECT * FROM users WHERE users.username = '$username' and password = '$password'"; |
|
|
|
if (!$result = $con->query($sqllogin)){ |
|
|
|
echo 'Invalid username or password'; |
|
|
|
die ('There was an error running the query [' . $con->error . ']'); |
|
|
|
} |
|
|
|
while ($row = $result->fetch_array()){ |
|
|
|
@@ -27,36 +28,4 @@ if (isset($_SESSION['userid']) && ($_SESSION['access'])){ |
|
|
|
echo 'Your username is ' . $uname . '. Your userid is ' . $uid . '. Your access level is ' . $access . '.<BR />'; |
|
|
|
} |
|
|
|
} |
|
|
|
# keeping the code below for references material only |
|
|
|
/* if(isset($_POST["submit"])){ |
|
|
|
if(empty($_POST["username"]) || empty($_POST["password"])){ |
|
|
|
$error = "Both fields are required."; |
|
|
|
} else { |
|
|
|
// Define $username and $password |
|
|
|
$username=$_POST['username']; |
|
|
|
$password=$_POST['password']; |
|
|
|
|
|
|
|
// To protect from MySQL injection |
|
|
|
$username = stripslashes($username); |
|
|
|
$password = stripslashes($password); |
|
|
|
$username = mysqli_real_escape_string($con, $username); |
|
|
|
$password = mysqli_real_escape_string($con, $password); |
|
|
|
$password = md5($password); |
|
|
|
|
|
|
|
//Check username and password from database |
|
|
|
$sql-login="SELECT userid FROM users WHERE users.username = '$username' and password = '$password'"; |
|
|
|
$result=mysqli_query($con,$sql-login); |
|
|
|
$row=mysqli_fetch_array($result,MYSQLI_ASSOC); |
|
|
|
|
|
|
|
//If username and password exist in our database then create a session. |
|
|
|
//Otherwise echo error. |
|
|
|
|
|
|
|
if(mysqli_num_rows($result) == 1){ |
|
|
|
$_SESSION['username'] = $login_user; // Initializing Session |
|
|
|
header("location: gw-toon.php"); // Redirecting To Other Page |
|
|
|
} else { |
|
|
|
$error = "Incorrect username or password."; |
|
|
|
} |
|
|
|
} |
|
|
|
} */ |
|
|
|
?> |
mauirixxx
8 anos atrás