2008-05-09, 10:40 PM
so i made a strategy page for the game i play i and want to "lock" it so only members that registed at forums can access
so this the code i had
so this the code i had
Quote:<?php
session_start();
require_once 'db.php';
$page_mode = isset($_POST['page_mode']) ? $_POST['page_mode'] : '';
$error_string = '';
if ($page_mode == 'login')
{
$username = $_POST['username'];
$password = $_POST['password'];
$salt = $_POST['salt'];
if (trim($username) == '' || trim($password) == '')
$error_string .= 'Please enter your username and password.<br>';
else
{
$result = db_query("SELECT username,password,salt FROM mybb_users WHERE username='" . mysql_real_escape_string($username) . "'");
if (!($row = mysql_fetch_assoc($result)))
$error_string .= 'The username was not found.<br>';
elseif ($row['password'] != md5(md5($row['salt']).$password))
$error_string .= 'The password did not match.<br>';
else
{
$_SESSION['user_id'] = $row['id'];
$_SESSION['username'] = $row['username'];
$_SESSION['password'] = $row['password'];
$_SESSION['salt'] = $row['salt'];
header('Location: index.php');
exit();
}
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Register</title>
<style type="text/css">
.error_text {
color: #FF0000;
width: 400px;
text-align: center;
}
.left_box {
float: left;
width: 150px;
text-align: right;
padding-right: 5px;
}
.right_box {
clear: right;
}
</style>
</head>
<body>
<div class="error_text"><?php echo $error_string; ?></div>
<form action="login.php" method="post">
<input type="hidden" name="page_mode" value="login">
<div class="left_box">Username</div>
<div class="right_box"><input type="text" name="username" size="30" maxlength="255" value="<?php if (isset($username)) echo $username; ?>"></div>
<div class="left_box">Password</div>
<div class="right_box"><input type="password" name="password" size="30"></div>
<div class="left_box"> </div>
<div class="right_box"><input type="submit" value="Log In" size="30"></div>
</form>
<?php
echo "From database: " . $row['password'] . "<br />";
echo "From database-salt: " . $row['salt'] . "<br />";
echo "Input: " . md5($password);?>
</body>
</html>