i cant see an error
<?PHP
session_start();
if (isset($_POST['Submit'])) {
$email = $_POST['email'];
$password = $_POST['password'];
if (isset($email) && isset($password)) {
$handle = mysql_connect("localhost","root","");
mysql_select_db("man_of_honor");
$safe_email = sql_safe($email,$handle);
$safe_password = md5(sql_safe($password,$handle));
$login_query = "SELECT *
FROM moh_members
WHERE email = '".$safe_email."' AND password = '".$safe_passwd."'";
$result = mysql_query($login_query);
$num_rows = mysql_num_rows($result);
if ($num_rows == 1) {
// Login Valid
$resultArr = mysql_fetch_array($result);
$username = $resultArr['username'];
$_SESSION['user'] = $username;
mysql_query("UPDATE moh_members SET active = '1' WHERE username = '".$_SESSION['user']."'");
$active = $resultArr['active'];
$_SESSION['user'] = $active;
header("location: member_area.php");
} else {
if ($num_rows > 1) {
// Multi-Accounts
} elseif ($num_rows == 0) {
// No User Exists
header("location: index.php");
alert("No User With These Credentials Exists");
}
}
}
}
function sql_safe($str,$lnk) {
return mysql_real_escape_string(trim($str),$lnk);
}
function alert($str) {
echo "<script type='text/javascript'>alert('".$str."');</script>";
}
?>