nerdpowah23
New Member
- Messages
- 14
- Reaction score
- 0
- Points
- 0
This code below, should work properly, however I have no idea what I'm missing here, the else statement that says "Your info is incorrect..." which led me to believe that the query was messed up somehow, so I added an or trigger error on to it. Still no luck, can you help?
Code:
<?php require("styles/top.php");?>
<?php
$salt1 = "***********";
$salt2 = "***********";
?>
<?php
if (isset($_POST['login-btn'])){
$username = strip_tags($_POST['username']);
$password = strip_tags($_POST['password']);
if ($username && $password){
$pass = $salt2.md5($password).$salt1;
$query = mysql_query("SELECT * FROM farcry_crime_town.users WHERE username='$username' AND password='$pass'") or trigger_error('Error: ' . mysql_error());
$numrows = mysql_num_rows($query);
if ($numrows == 1){
$row = mysql_fetch_assoc($query);
$dbid = $row['userid'];
$dbuser = $row['username'];
$locked = $row['locked'];
$userlevel = $row['userlevel'];
$total_logins = $row['total_logins'];
if($locked = 0){
$new_total = $total_logins+1;
$ip = $_SERVER['REMOTE_ADDR'];
mysql_query("UPDATE farcry_crime_town.users SET last_login='NOW()', ip='$ip', total_logins='$new_total' WHERE userid='$dbid'");
echo"<script type=\"text/javascript\">
window.location = \"index.php\"
</script>";
$_SESSION['username'] = $dbuser;
$_SESSION['userid'] = $dbid;
$_SESSION['userlevel'] = $userlevel;
}
else
echo"<center><font color=\"red\">Your account is locked.</font></center>";
}
else
echo "<center><font color=\"red\">Your login information was incorrect.</font></center>";
}
else
echo "<center><font color=\"red\">You did not fill in the entire form.</font></center>";
}
?>
<form action="login.php" method="post" enctype="multipart/form-data">
<center>
<table>
<tr>
<td>Username </td>
<td><input type="text" name="username" class="textbox" /></td>
</tr>
<tr>
<td>Password </td>
<td><input type="password" name="password" class="textbox" /></td>
</tr>
<tr>
<td><p class="login">
<input name="login-btn" type="submit" class="btn" value="LOGIN" />
</p></td>
</tr>
</table>
</center>
</form>
</body>
</html>