<?

php
require_once('db.php');
if(isset($_COOKIE['ID_my_site']))
{
$user = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM tbluser WHERE username = '$user'")or die(mys
ql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: list.php");
}
}
}
if (isset($_POST['submit'])) {
if(!$_POST['user'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
$check = mysql_query("SELECT * FROM tbluser WHERE username = '".$_POST['user']."
'")or die(mysql_error());
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=register.php>Click Here t
o Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
//$_POST['pass']=md5($_POST['pass']);
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['user'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);
header("Location: list.php");
}
}
}
else

{
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="user" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>