کد:
<?php
session_start(); // ***Always apply session_start(); before anything else - Spence ;)***
$conn = mysql_connect('localhost', 'USERNAME', 'PASSWORD') or die(mysql_error());
mysql_select_db('realmd', $conn);
// Check if user wants to login (GET info)
if($_GET['script'] == 'logi'){
$user = mysql_real_escape_string($_GET['account_username']);
$pass= SHA1(mysql_real_escape_string($_GET['account_password']));
if(strlen($user)>0 && strlen($pass)>0) {
$loginQuery = mysql_query('SELECT `id`
FROM `account`
WHERE `username` = "'.$user.'"
AND `sha_pass_hash` = "'.$pass.'"
LIMIT 1') or die(mysql_error()); //troubleshoot testing.
$loginRow = mysql_fetch_row($loginQuery);
$user_id = $loginRow['id'];
if(strlen($user_id)>0) {
// Create new session, store the user id
$_SESSION['user_id'] = $user_id;
// Redirect to page.member_area.php
header('location: page.member_area.php');
} else
echo 'Username and Password do not match.';
}
}
?>
