mirror of
https://github.com/Mibew/i18n.git
synced 2025-04-02 10:17:07 +03:00
git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@537 c66351dc-e62f-0410-b875-e3a5c0b9693f
81 lines
2.0 KiB
PHP
81 lines
2.0 KiB
PHP
<?php
|
|
//Start session
|
|
session_start();
|
|
|
|
//Include database connection details
|
|
require_once('libs/config.php');
|
|
|
|
//Array to store validation errors
|
|
$errmsg_arr = array();
|
|
|
|
//Validation error flag
|
|
$errflag = false;
|
|
|
|
//Connect to mysql server
|
|
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
|
|
if(!$link) {
|
|
die('Failed to connect to server: ' . mysql_error());
|
|
}
|
|
|
|
//Select database
|
|
$db = mysql_select_db(DB_DATABASE);
|
|
if(!$db) {
|
|
die("Unable to select database");
|
|
}
|
|
|
|
//Function to sanitize values received from the form. Prevents SQL injection
|
|
function clean($str) {
|
|
$str = @trim($str);
|
|
if(get_magic_quotes_gpc()) {
|
|
$str = stripslashes($str);
|
|
}
|
|
return mysql_real_escape_string($str);
|
|
}
|
|
|
|
//Sanitize the POST values
|
|
$login = clean($_POST['login']);
|
|
$password = clean($_POST['password']);
|
|
|
|
//Input Validations
|
|
if($login == '') {
|
|
$errmsg_arr[] = 'Login ID is missing';
|
|
$errflag = true;
|
|
}
|
|
if($password == '') {
|
|
$errmsg_arr[] = 'Password is missing';
|
|
$errflag = true;
|
|
}
|
|
|
|
//If there are input validations, redirect back to the login form
|
|
if($errflag) {
|
|
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
|
|
session_write_close();
|
|
header("location: member-index.php");
|
|
exit();
|
|
}
|
|
|
|
//Create query
|
|
$qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'";
|
|
$result=mysql_query($qry);
|
|
|
|
//Check whether the query was successful or not
|
|
if($result) {
|
|
if(mysql_num_rows($result) == 1) {
|
|
//Login Successful
|
|
session_regenerate_id();
|
|
$member = mysql_fetch_assoc($result);
|
|
$_SESSION['SESS_MEMBER_ID'] = $member['member_id'];
|
|
$_SESSION['SESS_FIRST_NAME'] = $member['firstname'];
|
|
$_SESSION['SESS_LAST_NAME'] = $member['lastname'];
|
|
session_write_close();
|
|
header("location: member-index.php");
|
|
exit();
|
|
}else {
|
|
//Login failed
|
|
header("location: login-failed.php");
|
|
exit();
|
|
}
|
|
}else {
|
|
die("Query failed");
|
|
}
|
|
?>
|