<?php
$mssql_host="192.168.2.107"; // Host name
$mssql_user="sa"; // Mysql username
$mssql_pass="123456"; // Mysql password
$mssql_db="PassportBOI"; // Database name
$tbl_name="login"; // Table name
// Connect to server and select database.
mysql_connect("$mssql_host", "$mssql_user", "$mssql_pass")or
die("cannot connect");
mysql_select_db("$mssql_db")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
//$sql="SELECT * FROM account2 WHERE name='$myusername' and passwd='$mypassword'";
//$result = mssql_query($sql) or die(mysql_error());
//$count=mssql_num_rows($result);
//echo $count;
$sql ="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result = mysql_query($sql) or die;
$row=mysql_fetch_array($result);
$active=$row['active'];
$count=mysql_num_rows($result);
if($count==1)
{
session_register("myusername"); //If matches creates session!
$_SESSION['myusername']=$_POST["myusername"];
if (isset($_POST['rememberme'])) {
/* Set cookie to last 1 year */
setcookie('myusername', $_POST['myusername'], mktime(23, 59, 59, date("m"), date("d"), date("y")), '/account', 'rageboi');
setcookie('mypassword', md5($_POST['mypassword']), mktime(23, 59, 59, date("m"), date("d"), date("y")), '/account', 'rageboi');
} else {
/* Cookie expires when browser closes */
setcookie('myusername', $_POST['myusername'], false, '/account', 'rageboi');
setcookie('mypassword', md5($_POST['mypassword']), false, '/account', 'rageboi');
}
header('Location: index2.php?id=home'); //Will lead to index.php!
}
else {
echo '<script type="text/javascript">alert("Wrong username or password!");</script>';
header('Location: index2.php?id=main_login'); //Will lead to index.php!
}
?>