login check using php
if ($_SESSION['ADMINID'] != “”
&& $_SESSION['ADMINUSERNAME'] != “” &&
$_SESSION['ADMINPASSWORD'] != “”)
{
$redirect = $config['adminurl'].”/home.php”;
header(“location: $redirect”);
}
else
{
{
$redirect = $config['adminurl'].”/home.php”;
header(“location: $redirect”);
}
else
{
if($_POST['login']!=”")
{
$adminusername = htmlentities(strip_tags($_REQUEST['username']), ENT_COMPAT, “UTF-8″);
$adminpassword = htmlentities(strip_tags($_REQUEST['password']), ENT_COMPAT, “UTF-8″);
if ($adminusername == “”)
{
$error = “Error: Username not entered.”;
}
elseif ($adminpassword == “”)
{
$error = “Error: Password not entered.”;
}
else
{
$encodedadminpassword = md5($adminpassword);
$query=”SELECT * FROM administrators WHERE username=’”.mysql_real_escape_string($adminusername).”‘ AND password=’”.mysql_real_escape_string($encodedadminpassword).”‘”;
$executequery=$conn->execute($query);
$getid = $executequery->fields[ADMINID];
$getusername = $executequery->fields[username];
$getpassword = $executequery->fields[password];
{
$adminusername = htmlentities(strip_tags($_REQUEST['username']), ENT_COMPAT, “UTF-8″);
$adminpassword = htmlentities(strip_tags($_REQUEST['password']), ENT_COMPAT, “UTF-8″);
if ($adminusername == “”)
{
$error = “Error: Username not entered.”;
}
elseif ($adminpassword == “”)
{
$error = “Error: Password not entered.”;
}
else
{
$encodedadminpassword = md5($adminpassword);
$query=”SELECT * FROM administrators WHERE username=’”.mysql_real_escape_string($adminusername).”‘ AND password=’”.mysql_real_escape_string($encodedadminpassword).”‘”;
$executequery=$conn->execute($query);
$getid = $executequery->fields[ADMINID];
$getusername = $executequery->fields[username];
$getpassword = $executequery->fields[password];
if (is_numeric($getid) &&
$getusername != “” && $getpassword != “” && $getusername ==
$adminusername && $getpassword == $encodedadminpassword)
{
$_SESSION['ADMINID'] = $getid;
$_SESSION['ADMINUSERNAME'] = $getusername;
$_SESSION['ADMINPASSWORD'] = $encodedadminpassword;
$redirect = $config['adminurl'].”/home.php”;
header(“location: $redirect”);
}
else
{
$error = “Invalid username/password entered.”;
}
}
}
{
$_SESSION['ADMINID'] = $getid;
$_SESSION['ADMINUSERNAME'] = $getusername;
$_SESSION['ADMINPASSWORD'] = $encodedadminpassword;
$redirect = $config['adminurl'].”/home.php”;
header(“location: $redirect”);
}
else
{
$error = “Invalid username/password entered.”;
}
}
}
Comments
Post a Comment