Username"; # echo "
"; # echo "Password"; # echo "
"; # echo ""; # echo ""; session_start(); # $IsLogin = 1; $NewLogin = 0; $DBCon = OpenDB(); if ((!isset($LoggedIn)) or ($LoggedIn == 0 )) { if (isset($_POST['Submit'])) { if (!get_magic_quotes_gpc()) $_POST['Username'] = addslashes($_POST['Username']); $Creds=mysql_query("SELECT * from users WHERE login = '" . $_POST['Username'] . "' AND password = '" . $_POST['Password'] ."'"); if (mysql_num_rows($Creds) > 1) { echo "ERROR - Duplicate Users"; $LoggedIn = 0; } elseif (mysql_num_rows($Creds) < 1) { echo "ERROR - Not Found"; $LoggedIn = 0; } else { while ($info=mysql_fetch_array($Creds)) { $LoggedIn = 1; $_SESSION['uname'] = $_POST['Username']; $_SESSION['pword'] = $_POST['Password']; $_SESSION['userid'] = $info['id']; #$_SESSION['editusers'] = $info['editusers']; #$_SESSION['editcust'] = $info['editcust']; #$_SESSION['editser'] = $info['editser']; #$_SESSION['editsupp'] = $info['editsupp']; #$_SESSION['viewlic'] = $info['viewlic']; //header('Location: index.php'); $NewLogin = 1; echo "Logged In"; } } } } if ((isset($LoggedIn) and ($LoggedIn))) { echo "Logged In
"; echo "Logout"; header('Location: disti/disti_index.php'); } else { # echo "Not Logged In
"; echo ""; } ?>