<?
if(isset($_POST['accountUser']) && isset($_POST['accountPassword'])) {
include("dbase.php");
include("settings.php");
if ($_POST['accountType']=="member") {
$database="chatusers";
} else if ($_POST['accountType']=="model") {
$database="chatmodels";
} else if ($_POST['accountType']=="studioop") {
$database="chatoperators";
}
$userExists=false;
$result = mysql_query("SELECT id,user,password,status FROM $database WHERE status!='pending' AND status!='rejected' ");
while($row = mysql_fetch_array($result)) {
$tempUser=$row["user"];
$tempPass=$row["password"];
$tempId=$row["id"];
if ($_POST['accountUser']==$tempUser && md5($_POST['accountPassword'])==$tempPass) {
if ($row["status"]=="blocked") {
$userExists=true;
$errorMsg="Account is blocked, please contact the administrator for more details";
} else {
$userExists=true;
$currentTime=time();
mysql_query("UPDATE $database SET lastLogIn='$currentTime' WHERE id = '$tempId' LIMIT 1");
setcookie("usertype", $database, time()+3600);
setcookie("id", $tempId, time()+3600);
header("Location: cp/$database/");
}
}
}
if (!$userExists){
$errorMsg="Wrong Username or password";
}
} else if (isset($_GET['from']) && $_GET['from']=="recoverpass"){
$errorMsg="Your new password has been sent to your mail";
} else {
$errorMsg="Please complete username and password fields";
}
?>
<?
include("_main.header.php");
?>
<table width="720" height="200" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="center" valign="middle"><form action="login.php" method="post" enctype="application/x-www-form-urlencoded" name="form1">
<p> </p>
<table width="720" border="0" align="center">
<tr>
<td colspan="2"><p align="left">
<span class="error"><?php if ( isset($errorMsg) && $errorMsg!=""){ echo $errorMsg; } ?></span>
<br>
<br>
</p></td>
</tr>
<tr>
<td width="210" align="right" valign="top" class="form_definitions"><div align="right">Username:</div></td>
<td align="left" valign="top"><input name="accountUser" type="text" id="accountUser" value="<? echo $_GET[user];?>" size="24" maxlength="24"></td>
</tr>
<tr>
<td align="right" valign="top" class="form_definitions"><div align="right">Password:</div></td>
<td align="left" valign="top"><input name="accountPassword" type="password" id="accountPassword2" size="24" maxlength="24"></td>
</tr>
<tr>
<td align="right" valign="top" class="form_definitions"><div align="right">Account type:</div></td>
<td align="left" valign="top">
<select name="accountType" id="select">
<option value="member" selected>Member</option>
<option value="model">Model</option>
<option value="studioop">Studio Operator</option>
</select> <div align="left"></div></td>
</tr>
<tr>
<td align="right" valign="top" class="form_definitions"> </td>
<td align="left" valign="top">
<input type="submit" name="Submit" value="Log In to your account"> <div align="left"></div></td>
</tr>
<tr>
<td align="right" valign="top" class="form_definitions"> </td>
<td align="left" valign="top"><a href="lostpassword.php" class="left">Lost Password? Press Here!</a></td>
</tr>
</table>
</form></td>
</tr>
</table>
<br>
<br>
<?
include("_main.footer.php");
?>
views:
424answers:
2
A:
Sounds to me like you are missing a quote in the html you didn't post here.
Chris Lively
2010-01-07 00:58:28
A:
I quoted the full html, however, im missing something, this is not a script I wrote, I know it has to do with the nesting but just dont see what is missing.
ro
2010-01-07 03:50:21