Location: PHPKode > projects > PhpMyInventory > pmi281/login.php
<?
  Include("Includes/global.inc.php");

  forceSSL();

  If ($HTTP_POST_VARS["btnSubmit"]!="") {
    $strPassword = validateText("Password", $txtPassword, 6, 10, TRUE, FALSE);
    $strUserName = validateText("User ID", $txtUserName, 3, 20, TRUE, FALSE);

    If ($strError == "") {
        $strPassword = md5($strPassword);
        $strSQL = "SELECT id, securityLevel FROM tblSecurity WHERE userID='$strUserName' AND password='$strPassword'";
        $result = dbquery($strSQL);
        $row = mysql_fetch_row($result);
        If ($row[0] != "") {
            session_start();

            $userID = $row[0];
            $sessionTime = time();
            $sessionSecurity = $row[1];

            $strSQL2 = "Update tblSecurity Set lastLogin=".date("YmdHis")." Where id = ".$row[0];
            $result2 = dbquery($strSQL2);

            If (!$strError) {
                header ("Location: $strRedir");
                exit;
            }
        } Else {
            $strError = "Either that username or password was incorrect.";
        }
    }
  }

  writeHeader("");

  switch ($strError) {
    case "timeout":
        $strError = "Your session has timed out. Please log in again.";
        break;
    case "security":
        $strError = "Sorry, you do not have rights to that page.";
        $intNote = 1;
        break;
    case "login":
        $strError = "Please log in.";
        break;
    case "":
        $strError = "";
        break;
  }

  If ($strError != "") {
      echo "<b><font color='red'>$strError</font></b><br>";
  }
?>

<form name="form1" method="POST" action="login.php">
  <p><table border='0' width='380'>
    <tr>
      <td width='80'>UserID:</td>
      <td width='300'><input type="text" name="txtUserName" value="<?echo $strUserName;?>" size="20"></td>
    </tr>
    <tr>
      <td width='80'>Password:</td>
      <td width='300'><input type="password" name="txtPassword" size="20"></td>
    </tr>
  </table><p>
  <?
       If (!$strRedir OR $intNote) {
		   $strRedir = "http://".makeHomeURL("login.php")."/index.php";
       }
  ?>
  <input type="hidden" name="strRedir" value="<?echo $strRedir;?>">
  <input type="submit" value="Submit" name="btnSubmit">
  <input type="reset" value="Reset" name="reset">
</form>

<a href='forgotPW.php'><font size='-1'>Forgot your password?</font></a>

<?
  writeFooter();
?>
Return current item: PhpMyInventory