Show Source Code


<?php


        session_start();


        if( isset($_SESSION['loginPassed3']) )
        {
            echo "<META http-equiv='refresh' content='0;URL=main.php'>";
        }
        else
        {

                if ( !empty($_POST["username"]) AND !empty( $_POST["password"]) )
                {
                    $Username = stripslashes($_POST['username']);
                    $Password = stripslashes($_POST['password']);
                    if (verifyLogin($Username, $Password))
                    {
                        $_SESSION['loginPassed3'] = 100;
                        $_SESSION['user'] = $Username;
                        $_SESSION['pass'] = $Password;
                        echo "<META http-equiv='refresh' content='0;URL=main.php'>";
                    }
                    else 
                    {
                        
                        echo
                            "<html>".
                            "<body text=\"black\" link=\"blue\" vlink=\"blue\" bgcolor=\"white\">".


                            "<center><br><br>".
                            "<form method=\"post\" action=\"login.php\">".
                            "Username: <input type=\"text\" name=\"username\" value=\"\" size=\"20\"><BR>".
                            "Password: <input type=\"password\" name=\"password\" value=\"\" size=\"15\"><BR>".
                            "<input type=\"Submit\" value=\"Submit\">".
                            "</center>".
                            "</form>".

                            "<p>Invalid Username and Password</p>" .
                            "</body>".
                            "</html>";    
                        
                    } 
                }else
                {


                    echo
                    "<html>".
                    "<body text=\"black\" link=\"blue\" vlink=\"blue\" bgcolor=\"white\">".


                    "<center><br><br>".
                    "<form method=\"post\" action=\"login.php\">".
                    "Username: <input type=\"text\" name=\"username\" value=\"\" size=\"20\"><BR>".
                    "Password: <input type=\"password\" name=\"password\" value=\"\" size=\"15\"><BR>".
                    "<input type=\"Submit\" value=\"Submit\">".
                    "</center>".
                    "</form>".

                    "<p>Username and Password are required fields.</p>" .
                    "</body>".
                    "</html>";
                }







        }
function verifyLogin($Username, $Password) {
    $retval = FALSE;
    $DBConnect = @mysql_connect("localhost", "rlussier", "jam1j0r3al");
    if ($DBConnect === FALSE) {
        echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
    }
    else {
        $DBName = "rlussier";
//        $DBName = "userdb";
        mysql_select_db($DBName, $DBConnect);
        $TableName="usertb";
        $SQLstring="SHOW TABLES LIKE '$TableName'";
        $QueryResult=@mysql_query($SQLstring, $DBConnect);
        
        if (mysql_num_rows($QueryResult) == 0) {
            echo "<p>Unable to verify username and password.</p>";
        }
        else
        {
            $SQLstring = "SELECT * FROM $TableName WHERE username='$Username'";
            $QueryResult=@mysql_query($SQLstring, $DBConnect);
            if ($QueryResult === FALSE) {
                echo "<p>Unable to execute the query.</p>";
            } else
            {
                $Row = mysql_fetch_row($QueryResult);
                if ($Password == $Row[1]) {
                    $retval = TRUE;
                }
            }
        }
        mysql_free_result($QueryResult);
        mysql_close($DBConnect);
    }
    echo ($retval);
    return ($retval);
}
?>