-
Notifications
You must be signed in to change notification settings - Fork 0
/
login.php
66 lines (57 loc) · 1.51 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
<?php
session_start();
require_once 'db.php';
require_once 'library.php';
if (isset($_POST['user_email'])) {
$email = htmlspecialchars($_POST['user_email']);
$password = htmlspecialchars($_POST['user_password']);
$password = sha1($password);
$_SESSION['failed'] = $email;
$parts = explode("@",$email);
$count = count($parts);
$query = "SELECT COUNT(*)
FROM users
WHERE email='$email'
OR username='$email'";
$result = mysql_query($query) or die('bad query');
$result = mysql_fetch_array($result);
$result = $result[0];
if ($result<1) {
header('Location:index.php');
} else {
$query = "SELECT password
FROM users
WHERE email='$email'
OR username='$email'";
$result = mysql_query($query) or die('bad query');
$result = mysql_fetch_array($result);
$result = $result[0];
if($result<>$password){
header('Location:index.php');}
else
{
unset($_SESSION['failed']);
header('Location:home.php');
//-----------SUCCESSFUL LOGIN NEED TO DETERMINE IF WAS USERNAME OR EMAIL-----------
$query = "SELECT COUNT(*)
FROM users
WHERE email='$email'";
$result = mysql_query($query) or die('bad query');
$result = mysql_fetch_array($result);
$result = $result[0];
if ($result == 1)
{$_SESSION['user'] = $email;}
else
{
$username = $email;
$email = getemail($username);
$_SESSION['user'] = $email;
}
setcookie('user', $email, time() + 314496000);
}
}
}
else
{header('Location:index.php');}
mysql_close($db);
?>