82 lines
1.7 KiB
PHP
82 lines
1.7 KiB
PHP
<?php
|
|
include("vars.inc");
|
|
include("functions.inc");
|
|
session_start();
|
|
if (isset($_SESSION['user']))
|
|
{
|
|
unset($_SESSION['user']);
|
|
}
|
|
if ( $_SERVER['REQUEST_METHOD'] == 'POST' &&
|
|
isset($_POST['user']) &&
|
|
isset($_POST['pass']) )
|
|
{
|
|
$mc = mysql_connect($MYSQL_SERVER, $MYSQL_USER, $MYSQL_PASSWORD);
|
|
if (!$mc)
|
|
die("Could not connect: " . mysql_error());
|
|
if (!mysql_select_db($MYSQL_DB, $mc))
|
|
die("Could not select database: " . mysql_error());
|
|
$mq = mysql_query("SELECT `password` FROM `users` WHERE `name` = '$_POST[user]'", $mc);
|
|
if (!$mq)
|
|
die("Query execution error: " . mysql_error());
|
|
$mr = mysql_fetch_assoc($mq);
|
|
if ($mr['password'] === $_POST['pass'])
|
|
{
|
|
$_SESSION['user'] = $_POST['user'];
|
|
unset($_SESSION['month']);
|
|
unset($_SESSION['year']);
|
|
header("Location: $MY_SERVER/main.php");
|
|
}
|
|
else
|
|
{
|
|
$failed_login = 1;
|
|
}
|
|
mysql_close($mc);
|
|
}
|
|
?>
|
|
<html>
|
|
<head>
|
|
<title></title>
|
|
<link rel="stylesheet" href="objects.css" />
|
|
<style type="text/css">
|
|
body {
|
|
margin-top: 1em;
|
|
}
|
|
p {
|
|
margin: 1em;
|
|
}
|
|
</style>
|
|
</head>
|
|
<body>
|
|
|
|
<div style="margin-left: auto; margin-right: auto; width: 50%;">
|
|
<?php
|
|
echo round_table( <<< EOF
|
|
<b>Welcome to $APP_TITLE!</b>
|
|
EOF
|
|
, 1
|
|
);
|
|
echo '<br />';
|
|
echo round_table( <<< EOF
|
|
<form action="login.php" method="post">
|
|
<p>
|
|
EOF
|
|
. (isset($failed_login) ? '<span style="color: red;">Invalid login!</span><br /><br />' : '') . <<< EOF
|
|
User name: <input type="text" name="user" value="krissy" />
|
|
<br /><br />
|
|
Password: <input type="password" name="pass" />
|
|
<br /><br />
|
|
<input type="submit" value="Login" /> <input type="reset" />
|
|
</p>
|
|
</form>
|
|
|
|
EOF
|
|
, 1
|
|
);
|
|
|
|
?> </div>
|
|
|
|
</body>
|
|
</html>
|
|
|
|
|