Hello,
I have created a login page for my users. And it seems to not be working properly.
<?php
include "inc/header.php";
?>
<div class="ContentHold">
<?php
include "inc/globals.php";
if (isset($_POST['login']))
{
$username = addslashes(strip_tags($_POST['username']));
$password = addslashes(strip_tags($_POST['password']));
if (!$username||!$password)
{
?>
<div id="NotifyUI"> Please Enter a Username and Password. </div>
<?
}
else
{
$login_1 = mysql_query("SELECT * FROM users WHERE username='$username'");
while ($ban_row = mysql_fetch_assoc($login_1))
$ban = $ban_row['ban'];
if ($ban==1)
{
?>
<div id="NotifyUI"> Sorry, you have been abusing functions on our server. You have been banned. </div>
<?
}
else
{
$login = mysql_query("SELECT * FROM users WHERE username='$username'");
if (mysql_num_rows($login)===0)
{
?>
<div id="NotifyUI"> There is no Such user. </div>
<?
}
else
{
while($login_row = mysql_fetch_assoc($login))
{
$password_db = $login_row['password'];
$password = md5($password);
if (!$password==$password_db)
{
?>
<div id="NotifyUI"> You have entered the incorrect password for this user. </div>
<?
}
else
{
$active = $login_row['active'];
$email = $login_row['email'];
if ($active==0)
{
?>
<div id="NotifyUI">You have not activated your account. Please do so by checking your email [<? echo $email; ?>]</div>
<?
}
else
{
session_register("username");
$_SESSION['username']=$username;
header("location: welcome.php");
}
}
}
}
}
}
}
else
{
$username = $_SESSION['username'];
if (isset($_SESSION['username']))
{
?>
<div id='NotifyUI'><p>You are already logged in. You may now go to your profile page. <a href='index.php'</p></div>
<?
}
else
{
?>
<div id="logincontain">
<p>
<h1 style="margin-bottom:15px">Log into the site</h1>
</p>
<div id="loginspec">
<form action='login.php' method='POST'>
<div class="logincap">
<p>
<lable>Username</lable>
</p>
<p> </p>
<input type="text" name="username" onclick="this.value='';" onfocus="this.select()" onblur="this.value=!this.value?'':this.value;" />
<lablee>
<p> </p>
<p>Password (<a href="http://synthscope.com/">Forgot?</a>)</p>
<p> </p>
<p>
</lable>
<input type="password" name="password" onclick="this.value='';" onfocus="this.select()" onblur="this.value=!this.value?'':this.value;" />
</p>
</div>
</p>
<input type='submit' name='login' id='rightf' class='loginbtn' align='center' value='Log In' />
</form>
</div>
</div>
<?
}
}
?>
</div>
<?php
include "inc/footer.php";
?>
It will log you in. But then it just does nothing after the login. It's supposed to go to welcome.php, but it does not do that. Any Ideas?
Thanks in advance :)