session_start(); session_register("user"); session_register("uname"); //*************************************************************************** //* ASP Football Pool * //* Do not remove this notice. * //* Copyright 1999-2004 by Mike Hall * //* Please see http://www.brainjar.com for documentation and terms of use. * //* * //* PHP Football Pool * //* PHP Port of ASP Football pool * //* Copyright 2005 by Brian Paulson and George Garcia * //* Please see http://lvbash.com/phpBB2 for more support on PHPFootball * //* version * //* * //* Allows a user to login. * //*************************************************************************** $subtitle="Login"; ob_start(); require("header.php"); //Get any form data. $football->WhoOnlineDelete; $username=$_POST['username']; $password=$_POST['password']; if ($_POST) { //Check input. if ($username=="") { $football->ErrorMessage("Please enter a username."); } elseif ($password=="") { $football->ErrorMessage("Please enter your password."); } else { //Verify the password and redirect to default page if correct. $sql="select * from ".$football->prefix."users where user = '".$username."'"; $rs = $football->dbQuery($sql,$football->database); $row = mysql_fetch_object($rs); $rows = mysql_num_rows($rs); if($rows == 0) { $football->ErrorMessage("User '".$username."' not found."); } elseif (md5($password) != $row->password) { $football->ErrorMessage("Incorrect password, please reenter."); } else { $user=$row->user; if ($row->name =="") { $uname=$row->user; } else { $uname=$row->name; } header("Location: index.php"); } } } else { //Set test cookie. setcookie("football","peanutbutter",0,"/",$football->domain,0); } ?>