Blame | Last modification | View Log | Download
<?phpsession_start();#required when using sessions to put that at the top of each pageinclude 'shoutfunctions.php';#used for dbinsansinclude 'shoutoptions.php';#used for database varsmysql_connect("$dbHost", "$dbUser", "$dbPass") or die("Unable to connect!");#connectmysql_select_db ($dbname);#select the database$PW = md5(dbinsans($_POST['password']));#md5 encryption on password$User = dbinsans($_POST['username']);#only does the hacker hole closing on username$result = mysql_query("SELECT * FROM ShoutAdmin WHERE username='$User' AND password='$PW'");#creates and executes query returns result$row =mysql_fetch_array($result);#fetches a rowif ($row['password']!= md5($_POST['password'])){#if the passwords don't match} else {$r=1;#we're using it to tell we got a match$_SESSION['username'] = $row['username'];#set the session variable username to the users name$_SESSION['password'] = $row['password'];#set the session variable password to the users password$_SESSION['level'] = $row['level'];#set the session variable level to the level}if ($r!=1)echo 'Sorry, your password is incorrect. Remember, it\'s case sensitive.';elseecho 'Thank you for logging in, <a href="ShoutAdmin.php">Click Here</a> to continue.';?>