-
Notifications
You must be signed in to change notification settings - Fork 1
/
login.php
executable file
·97 lines (86 loc) · 3.07 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
<?php
if ( array_key_exists( 'btnExpireSession', $_REQUEST ) && $_REQUEST['btnExpireSession'] == '1' ) {
// break cookies
setcookie( "cookieUsername", FALSE, mktime(0,0,0,12,1,3015));
setcookie( "cookiePassword", FALSE, mktime(0,0,0,12,1,3015));
$_SESSION[ 'sessionUserId' ] = -1;
header( "Location: main.php");
}
if ( ( !Empty( $_POST['userLoginSubmit'] ) ) || ( !Empty($_COOKIE['cookieUsername']) && !Empty($_COOKIE['cookiePassword']) ) ) {
$txtUsername = $_POST['txtUsername'];
$txtPassword = $_POST['txtPassword'];
if ( Empty( $_POST['btnExpireSession'] ) ) {
// don't fetch the cookie information if the user logs out.
if ( !Empty($_COOKIE['cookieUsername']) && !Empty($_COOKIE['cookiePassword'])) {
$txtUsername = $_COOKIE['cookieUsername'];
$txtPassword = $_COOKIE['cookiePassword'];
}
}
$UserLoginQuery = "SELECT i_UID
FROM Users
WHERE vc_Username=\"$txtUsername\"
AND vc_Password = substr( md5( \"$txtPassword\"), 1, 20 )";
$UserLoginResultId = mysqli_query ($link, $UserLoginQuery);
$UserLoginResults = mysqli_fetch_object($UserLoginResultId);
if ( Empty( $UserLoginResults->i_UID ) ) {
$_SESSION['sessionUserId'] = -1;
if ( !Empty( $_POST['userLoginSubmit'] ) ) {
echo "That username password combination was not found.<br><br>";
}
}
else {
$_SESSION['sessionUserId'] = $UserLoginResults->i_UID;
$UpdateLastVisitQuery = "UPDATE Users SET dt_LastVisit = NOW(),";
$UpdateLastVisitQuery .= " WHERE i_UID = $UserLoginResults->i_UID";
$UpdateLastVisitResultId = mysqli_query ($link, $UpdateLastVisitQuery);
$_SESSION['sessionLastVisit'] = time();
if ( $_REQUEST[ 'chkRemember' ] == "on" ) {
setcookie( "cookieUsername", $txtUsername, mktime(0,0,0,12,1,3015));
setcookie( "cookiePassword", $txtPassword, mktime(0,0,0,12,1,3015));
}
// redirect to main area on login success.
header( "Location: main.php");
}
}
function OutputLoginForm( $UserLoginFormAction ) {
echo "<form name=\"UserLoginForm\" action=\"$UserLoginFormAction\" method=\"post\">";
// <a href="editprofile.php">Click here to register</a><br><br>
?>
<table>
<tr>
<td>
Username:
</td>
<td>
<input type="text" name="txtUsername">
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
<input type="password" name="txtPassword">
</td>
</tr>
<tr>
<td>
Remember me
</td>
<td>
<input type="checkbox" name="chkRemember">
</td>
</tr>
<tr>
<td>
</td>
<td>
<input type="submit" value="submit" name="userLoginSubmit">
</td>
</tr>
</table>
</form>
<?php
}
?>