Login
LoggedIn()))
{
if (isset($_POST['loginBtn']))
{
$username = $_POST['username'];
$password = $_POST['password'];
$errors = array();
if (!ctype_alnum($username) || strlen($username) < 4 || strlen($username) > 15)
{
$errors[] = 'Username Must Be Alphanumberic And 4-15 characters in length';
}
if (empty($username) || empty($password))
{
$errors[] = 'Please fill in all fields';
}
if (empty($errors))
{
$SQLCheckLogin = $odb -> prepare("SELECT COUNT(*) FROM `users` WHERE `username` = :username AND `password` = :password");
$SQLCheckLogin -> execute(array(':username' => $username, ':password' => SHA1($password)));
$countLogin = $SQLCheckLogin -> fetchColumn(0);
if ($countLogin == 1)
{
$SQLGetInfo = $odb -> prepare("SELECT `username`, `ID` FROM `users` WHERE `username` = :username AND `password` = :password");
$SQLGetInfo -> execute(array(':username' => $username, ':password' => SHA1($password)));
$userInfo = $SQLGetInfo -> fetch(PDO::FETCH_ASSOC);
if ($userInfo['status'] == 0)
{
$_SESSION['username'] = $userInfo['username'];
$_SESSION['ID'] = $userInfo['ID'];
{
$ip = getRealIpAddr();
if (filter_var($ip, FILTER_VALIDATE_IP))
{
$SQL = $odb -> prepare('INSERT INTO `loginlogs` VALUES(:username, :ip, UNIX_TIMESTAMP())');
$SQL -> execute(array(':ip' => $ip, ':username' => $username));
echo '
SUCCESS: Login Successful. Redirecting....
';
die();
}
else
{
echo '
';
}
}
}
else
{
echo '
ERROR: Your user was banned
';
}
}
else
{
echo '
';
}
}
else
{
echo '
ERROR:
';
foreach($errors as $error)
{
echo '-'.$error.'
';
}
echo '
';
}
}
}
else
{
echo "
Already logged in, redirecting...";
echo "
";
die();
}
?>
