Already logged in as ".$_SESSION['susername']."...
";
exit();
}
if(!isset($_POST['submit'])) {
include('logo.html');
include('menulist.html');
loginhtml("Members only. Please login to access.");
exit();
}
// get username and password
$username = $_POST['username'];
$password = $_POST['password'];
// register username and logged as session variables.
session_register("susername");
session_register("slogged");
//set session variables
$_SESSION["susername"] = $username;
$_SESSION["slogged"] = false;
// open database file
$handle = sqlite3_open($db) or die("Could not open database");
// query string
$query = "SELECT * FROM login where username=\"$username\"";
// execute query
$result = sqlite3_query($handle, $query) or die("Error in query: ".sqlite3_error($handle));
// if rows exist
if (($row = sqlite3_fetch_array($result)) != '') {
if(md5($password) == $row["password"])
$valid_user = 1;
}
else {
$valid_user = 0;
}
//if not valid user
if (!($valid_user)) {
// Unset session variables.
session_unset();
include('logo.html');
include('menulist.html');
loginhtml("Incorrect login information, please try again. You must login to access.");
exit();
}
//if valid user
else {
$referer = $_GET['referer'];
$_SESSION["slogged"] = true;
if($referer != '') {
header('Location: '.$referer);
exit();
}
include('logo.html');
include('menulist.html');
echo "
Logged in sucessfully...";
}
function loginhtml($info)
{
?>