Code: Select all
<?php
//ob
ob_start();
//session
session_start();
if (isset($_SESSION['username']))
{
header("Location: main.php");
exit();
}
//connect
$error = 'Could Not Connect To The Database';
mysql_connect('SITE.mysql','DATABASE NAME','DATABASE PASSWORD') or die ($error);
mysql_select_db('DATABASE NAME') or die ($error);
//include functions.php phpbb script
require 'forum/includes/functions.php';
if ($_POST{'login'})
{
//get form data
$username = addslashes(strip_tags(strtolower($_POST['username'])));
$password = addslashes(strip_tags($_POST['password']));
if (!$username||!$password)
echo "Please Enter A Username And Password<p />";
else
{
//find username
$find = mysql_query("SELECT * FROM phpbb_users WHERE username_clean='$username'");
if (mysql_num_rows($find)==0)
echo "Username Not Found<p />";
else
{
while ($find_row = mysql_fetch_assoc($find))
{
// grab passsord hash for user
$password_hash = $find_row['user_password'];
}
$check = phpbb_check_hash($password, $password_hash);
if ($check==FALSE)
echo "Incorrect Password";
else if ($check==TRUE)
{
$_SESSION['username']=$username;
header('Location: main.php');
exit();
}
}
}
}