Location: PHPKode > projects > Run > Run-

// sha1 BEGIN
//if submit is clicked, put user and pass values into user friendly variables.
if($HTTP_POST_VARS["submit"]) {
$user = $HTTP_POST_VARS["username"];
$pass = sha1($HTTP_POST_VARS["password"]);
$query = mysql_query("select * from $mysqlTableRunners where RunnerID='$user' and Password='$pass'");
$fetchData = mysql_fetch_assoc($query);
$rows = mysql_num_rows($query);

//check how many rows are there with the information above. 
//if only ONE and user is administrator, put sha1 into CookieRun and redirect to administrator.php
if ($rows == 1 && $user == 'Administrator') {
	$adminquery = mysql_query("select Password from $mysqlTableRunners where RunnerID='Administrator'");
	$admin = mysql_fetch_row($adminquery);
	setcookie('CookieRun', $admin[0], time()+3600);
	header("Location: administrator.php");
//if only ONE row and user is NOT Administrator put username into CookieRun and redirect to display.php with current date information encoded in the url
} elseif ($rows == 1 && $fetchData['Active'] == 'Y' && $user != 'Administrator' && $user != 'administrator') {
	setcookie('CookieRun', $pass, time()+60*60*24*3000);
	header("Location: display.php?month=".date("m")."&year=".date("Y")."&shoes=All");
} elseif ($rows == 1 && $fetchData['Active'] == 'N' && $user != 'Administrator' && $user != 'administrator') {
	$runnerNotActive = 1;
} elseif ($pass != $fetchData['Password']) {
	$wrongCombination = 1;
//	print "sha1 of pass: $pass<br>username: $user<br>number of rows found: $rows";
} elseif ($_GET["logout"] == 1) {
	$user = $_COOKIE["CookieRun"];
	header("Location: index.php");
//if the combination returns NO rows value of variable $wrongcombination is set to one
//value of $wrongcombination is later used to display warning that username-password combination was not found in the database
// sha1 END

<link rel="stylesheet" type="text/css" href="system/style.css">
<title>Run - Login</title>
<body style="margin-top: 60px">

<center><img src="system/imgs/run.png"></center>

<form method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>">
<table border="0">
<tr><td class="right">Username:</td><td class="left"><input class="log" type="text" name="username" size="20" maxlength="30"></td></tr>
<tr><td class="right">Password:</td><td class="left"><input class="log" type="password" name="password" size="20" maxlength="40"></td></tr>
<tr><td></td><td class="left"><input class="form" type="submit" name="submit" value="Enter">&nbsp;<input class="form" type="submit" name="clear" value="Wipe"></td></tr>
if ($wrongCombination == 1) {
	echo "<span class=\"warning\">The username-password combination entered is not correct.</span>";
} elseif ($runnerNotActive == 1) {
	echo "<span class=\"warning\">Your account is not active. Conntact Run Administrator.</span>";

Return current item: Run