'.mysqli_error($db));
}
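// Select the configured database. The driver error goes to the server log only,
// so connection and schema details are not shown to the visitor.
if (!mysqli_select_db($db, $mysql_database))
{
    error_log('Failed to select database: '.mysqli_error($db));
    die('Failed to select database');
}

// The connection charset must be set BEFORE mysqli_real_escape_string() is used:
// the escaping is charset-aware and is only reliable against the charset the
// server is actually decoding with.
mysqli_set_charset($db, 'utf8');

// Look the account up by the submitted username. The username is escaped for the
// quoted string context; $mysql_table is interpolated as-is.
// NOTE(review): $mysql_table must come from trusted configuration (it is defined
// outside this excerpt - confirm); a prepared statement would remove the reliance
// on escaping altogether.
$sql = "SELECT * FROM ".$mysql_table." WHERE username = '".mysqli_real_escape_string($db, $_POST['username'])."'";
$result = mysqli_query($db, $sql);
if ($result === false)
{
    // A failed query is treated as "no such user" instead of passing false to
    // mysqli_fetch_array(), which is a fatal TypeError on PHP 8.
    error_log('Login lookup failed: '.mysqli_error($db));
}
else if ($data = mysqli_fetch_array($result))
{
    // hash_equals() compares in constant time and never applies numeric type
    // juggling, so two different digests that both look like numbers
    // (for example "0e..." strings) can no longer compare as equal the way they
    // do with ==.
    // NOTE(review): $crypt_pass is computed outside this excerpt; if it is a fast
    // unsalted digest, migrate storage to password_hash()/password_verify().
    $password_ok = hash_equals((string) $data['password'], (string) $crypt_pass);
    if ($password_ok && $data['active'] != 0)
    {
        $found = true;
        $db_email = $data['email'];
        $db_fullname = $data['fullname'];
        $db_username = $data['username'];
        $db_role = $data['role'];

        // Directory of the current script, taken from the path component only:
        // REQUEST_URI includes the query string, and a '/' inside it would
        // otherwise shift the computed folder.
        $request_parts = explode('?', $_SERVER['REQUEST_URI'], 2);
        $request_path = $request_parts[0];
        $folder = substr($request_path, 0, strrpos($request_path, '/') + 1);

        // NOTE(review): HTTP_HOST is supplied by the client. The resulting URL is
        // stored in the session, so it should be HTML-escaped wherever it is
        // rendered, or built from a configured base URL instead.
        $db_avatar = (isset($_SERVER['HTTPS']) ? "https" : "http") . "://$_SERVER[HTTP_HOST]$folder" . "avatars/" . $data['avatar'];
    }
}
mysqli_close($db);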
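// Failed login: send the visitor to the error page and stop.
if ($found == false)
{
    header('Location: '.$error_page);
    exit;
}
else
{
    // Issue a fresh session id at the privilege change so that an id known
    // before authentication cannot be reused afterwards (session fixation).
    // Skipped when no session is active, where the call would only warn.
    if (session_id() !== '')
    {
        session_regenerate_id(true);
    }

    // Profile data of the authenticated account, read by the protected pages.
    $_SESSION['email'] = $db_email;
    $_SESSION['fullname'] = $db_fullname;
    $_SESSION['username'] = $db_username;
    $_SESSION['role'] = $db_role;
    $_SESSION['avatar'] = $db_avatar;

    // Absolute expiry timestamp plus the timeout length it was derived from.
    $_SESSION['expires_by'] = time() + $session_timeout;
    $_SESSION['expires_timeout'] = $session_timeout;

    // Send cookies over TLS only when the request itself arrived over HTTPS.
    $secure_cookie = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

    $rememberme = isset($_POST['rememberme']) ? true : false;
    if ($rememberme)
    {
        // Remember only the username (30 days), HttpOnly so page scripts cannot
        // read it. The password is deliberately NOT written to a cookie any more:
        // a cookie is stored in clear text on the client and is sent with every
        // request, so it must never carry the credential itself. A real
        // "stay signed in" feature needs a random server-side token instead.
        setcookie('username', $db_username, time() + 3600*24*30, '', '', $secure_cookie, true);
    }

    // Expire a password cookie left behind by an earlier login so the stored
    // clear-text credential is removed from the browser.
    if (isset($_COOKIE['password']))
    {
        setcookie('password', '', time() - 3600, '', '', $secure_cookie, true);
    }

    header('Location: '.$success_page);
    exit;
}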
}
// Values taken from the remember-me cookies; each falls back to an empty string
// when its cookie is absent.
// NOTE(review): cookie values are client-controlled - escape them with
// htmlspecialchars() wherever they are written into markup (usage not visible here).
$username = '';
if (isset($_COOKIE['username']))
{
    $username = $_COOKIE['username'];
}
$password = '';
if (isset($_COOKIE['password']))
{
    $password = $_COOKIE['password'];
}
?>