<?php
include('include/db.php'); // database နဲ႔ ခ်ိတ္ေပးရန္
/*****************************************
တစ္ကယ္လို႔ Session user မဟုတ္ဘူးဆိုရင္
*****************************************/
if ( !$_SESSION['user'])
{
/***************************************
တစ္ကယ္လို႔ login ကိုနွိပ္ရင္
***************************************/
if ( isset ($_POST['login']))
{
/***********************************************
တစ္ကယ္လို႔ username and password ကို မထည္႔ခဲ႔ဘူးဆိုရင္
***********************************************/
if(!$_POST['username'] || !$_POST['password'])
{
echo "Please make sure you have entered a username and password";
}
$username = $_POST['username'];
$password = md5 ( $_POST['password'] ) ;
$getinfo = mysql_query ( "SELECT * FROM table WHERE username='$username' AND password='$password' ) or die(mysql_error());
if ( $log == mysql_fetch_object ( $getinfo ) )
{
$_SESSION['user'] = $_POST['username'];
$ip = $_SERVER['REMOTE_ADDR'];
$time = date("H:i:s");
$updateip = mysql_query("UPDATE table SET ip='$ip' WHERE username=' " . $_SESSION['user'] . " ' " ) or die ( mysql_error());
$getidd = mysql_query("SELECT * FROM table WHERE username='$username'") or die ( mysql_error());
$getid = mysql_fetch_array ( $getidd ) ;
mysql_query("INSERT INTO table ( username , time , id ) VALUES ( '$username' , '$time' , ' " . $getid['id'] . " ') ");
header ( "Location : news.php ");
}
else
{
$error = "Wrong username and Password ";
}
}
}
else
{
echo "You are Hacker?";
}
?>
No comments:
Post a Comment
Thanks for your comments
Welcome from cyberoot