1. <?php
  2.  
  3. // Sanitization
  4. function safeData($data) {
  5. 	$returnData = mysql_real_escape_string(stripslashes(strip_tags(htmlspecialchars(trim($data)))));
  6. 	return $returnData;
  7. }
  8.  
  9. // Only begin logging the user in if the form has been submitted,
  10. // and if the 'login' variable is set to 'yes'.
  11. if (isset($_POST['submit']) && $_GET['login'] == "yes")) {
  12.  
  13.  
  14.  
  15.  
  16. mysql_connect('p80mysql90.secureserver.net','AmieAmie88','SexyAmieTits88');      mysql_select_db('amiedata');
  17.  
  18. // Sanitize these variables and make sure they are safe.
  19. // Sometimes malicious users try to inject bad things into your site.
  20. $user = safeData($_POST['user']);
  21. $pass = safeData($_POST['pass']);
  22.  
  23.  
  24. # Authenticate the user
  25.  
  26.  
  27. // Check if there is a user in the database that matches the entered data.
  28. $check1 = mysql_query("SELECT * FROM login WHERE user = '$user' AND pass='$pass'");
  29.  
  30. // If no user matches the entered data, then display an error.
  31. if (mysql_num_rows($check1) != 1) {
  32. 	mysql_close();
  33. 	die("Invalid Login");
  34.  
  35. }
  36. // Otherwise, log him/her in.
  37. else {
  38.  
  39. echo "Login Success!";
  40.  
  41. // Set the session
  42. session_start();
  43. $_SESSION['user'] = $user;
  44. 	}
  45. }
  46. ?>
  47. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  48. <html xmlns="http://www.w3.org/1999/xhtml">
  49. <head>
  50. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
  51. <title>Log In</title>
  52. </head>
  53.  
  54. <body>
  55. <form action="index.php?login=yes" method="post">
  56. Username: <input type="text" name="user" /><br />
  57. Password: <input type="text" name="pass" /><br />
  58. <input type="submit" name="submit" value="Log In" /><p>
  59. </form>
  60.  
  61.  
  62.  
  63. </body>
  64. </html>
  65.