l3.cas-d-astre/logcheck.php

52 lines
1.1 KiB
PHP
Raw Permalink Normal View History

2009-05-01 08:39:36 +00:00
<?php
/* v<>rifier si le login est dans la base */
/* r<>cup<75>rer les propri<72>t<EFBFBD>s de l'user s'il est dans la base */
if (!$_SESSION["member"]){
require("db.conf.php");
$connexion = @mysql_connect(SQL_SERVER,SQL_USER,SQL_PASSWD);
if (!$connexion) {
echo "Erreur serveur mysql $connexion";
} else {
/* protection des la requete */
$login=strip_tags($_POST["login"]);
$secureLogin=mysql_escape_string($login);
$securePass=md5($_POST["passwd"]);
$query="SELECT * FROM Users WHERE ( ".
"LOGIN='".$secureLogin."' AND ".
"PASS='".$securePass."' ".
") ORDER BY login DESC LIMIT 0,1";
$result=mysql_db_query(SQL_BASE,$query,$connexion)
or die($query.":".mysql_error($connexion));
if (mysql_num_rows($result)>0){
$row=mysql_fetch_object($result);
$_SESSION["member"]=$row->login;
$_SESSION["userInfo"]=new UserInfo(
$row->login,
$row->accesslevel,
$row->category,
$row->idcat
);
} else {
// stopper la session...
//print "$securePass";
//session_destroy();
}
//mysql_close($connexion);
}
}
if (!$_SESSION["member"]){
header("Location: login.php");
}
?>