echo file_get_contents('template/header.html'); ?>
require('includes/db.php');
require('includes/settings.php');
displayTitle("Login to your EXISTING Account HERE- preapproval required");
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
//The complicated Validation
$error = false;
if (isset($_POST["submit"])) {
if (!isset($username) or $username == "" or $username == " ") {
echo "Error: You must specify a username!
";
$error = true;
}
if (!isset($password) or $password == "" or $password == " ") {
echo "Error: You must specify a password!
";
$error = true;
}
if (!$error) {
$aQuery = mysql_query ("SELECT * FROM stagdata_user where UPPER(username)='".strtoupper($username)."' or UPPER(email)='".strtoupper($username)."'");
if ($row = mysql_fetch_array($aQuery)) {
if ($row['status'] == 0) {
echo "Error: You have not validated your email yet, please check your email!
";
$error = true;
}
if ($row['status'] == 1) {
echo "Error: Your account has not yet been authorised. Please be patient and you will be mailed once it has been authorised.
";
$error = true;
}
if ($row['status'] == 99) {
echo $account_declined_message;
$error = true;
}
if (!$error){
if ($row['password'] == md5($password)) {
$_SESSION['stagdata_user_id'] = $row['id'] ;
} else {
echo "Error: Incorrect Password!
";
$error = true;
}
}
} else {
echo "Error: Username not valid!
";
$error = true;
}
}
}
session_start();
if ((isset($_POST["submit"]) and !$error) or isset($_SESSION['stagdata_user_id'])) {
echo "Successfully logged into account! Click here to view your account.";
} else {
?>
}
?>
echo file_get_contents('template/footer.html'); ?>