<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html><head> <title>Create account</title> <meta http-equiv="content-type" content="text/html; charset=UTF-8"/> </head> <body> <?php function show_form($message,$username,$password) { print "<div><h1>"; print $message; print "</h1><h2>Login</h2><form action=\""; print $_SERVER['PHP_SELF']; print "\" method=\"post\"><div><input type=\"hidden\";"; print " name=\"submitted\" value=\"1\" /></div>"; print "<p>Username <input type=\"text\""; print "name=\"username\" maxlength=\"15\" value=\""; print $username; print "\" /></p><p>Password <input type=\"password\""; print " name=\"pass\" value=\""; print $password; print "\"/></p><p><input type=\"submit\" value=\"Login\" />"; print "Not yet a member? <a href=\"create_account.php\">Create an account</a>!"; print "</p></form></div>"; } function process_form() { // $r is what is returned by the function $r['username']=''; $r['password']=''; $r['error']=''; if(isset($_POST['username'])) { $username=trim($_POST['username']); $r['username']=$username; } else { $r['error']="You have to set a user name"; return $r; } if(isset($_POST['pass'])) { $pass=trim($_POST['pass']); $r['password']=$pass; } else { $r['error']="You have to set a password"; return $r; } $sha_pass=sha1($pass); $db=mysql_connect('localhost:6033','krichel',''); $query="SELECT * FROM beer_shop.users WHERE username='$username' AND password = '$sha_pass'"; $result=mysql_query($query); $error=mysql_error(); if($error) { $r['error']="Sorry: $query gives an error<br/> $error"; return $r; } $affected=mysql_affected_rows(); if(! ($affected)) { $r['error']="Invalid username or password"; return $r; } return $r; } if(isset($_POST['submitted'])) { $r=process_form(); if($r['error']) { show_form($r['error'],$r['username'],$r['password']); } else { $user=$_POST['username']; print "<h1>Welcome to $user</h1>"; } } else { show_form('','',''); } ?> <p> <a href="http://validator.w3.org/check?uri=referer"><img style="border: 0pt" src="/valid-xhtml10.png" alt="Valid XHTML 1.0!" height="31" width="88" /></a> </p> </body> </html>