if (isset($_POST['login'])){
$query = mysql_query("SELECT id FROM users
WHERE username = '".mysql_real_escape_string($_POST['username'])."'
AND password = '".mysql_real_escape_string($_POST['password'])."'");
/* wrong login information? redirect to error message */
if (mysql_num_rows($query) == 0){
header("Location: error.php");
exit;
}
/* set session with unique index */
$_SESSION['id'] = mysql_result($query, 0, 'id');
mysql_query("UPDATE users SET last_login = NOW(), _last_ip = '".$_SERVER['REMOTE_ADDR']."' WHERE id = '{$_SESSION['id']}'");
header("Location: welcome.php");
exit;
}
/* if logout, destroy session */
if (isset($_GET['logout'])){
mysql_query("UPDATE users SET online = '0' WHERE id = '{$_SESSION['id']}'");
session_unset();
session_destroy();
header("Location: index.php");
exit;
}
This works but if you leave username and password inputs empty, it log in too :/ I found it this script on a site.
How can I fix this hole?