login.php

alumini based system

<?php
	header( "Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT" );
    header( "Cache-Control: no-cache, must-revalidate" );
    header( "Pragma: no-cache" );
	session_start();
?>
<?php
//check if logged in
if (!isset($_SESSION['LoggedIn'])){
	//not logged in
	if (!isset($_POST['uname']) || !isset($_POST['pass']) ){
        $strHTML="<p><center><Form action=login.php method=post>";
        $strHTML=$strHTML."<br><B>User ID:</b>&nbsp;&nbsp;&nbsp;&nbsp;<input type=text name=uname>";
        $strHTML=$strHTML."<br><B>Password:</b>&nbsp;<input type=password name=pass>";
        $strHTML=$strHTML."<br><input type=Submit name=submit></form>";
        $strHTML=$strHTML."<br><font color=\"Red\">Error: Missing ID/Password!</font></center>";
	}
	else{
		//verify login
		$hostname = "localhost"; // The DB server. 
        $username = "root"; // The username you created for this database. 
        $password = ""; // The password you created for the username. 
        $usertable = "login"; // The name of the table you made. 
        $dbName = "alumni"; // This is the name of the database you made. 

        $link=mysql_connect($hostname, $username, $password);
        if (!$link) die("Couldn't Connect to SQL");
         @mysql_select_db($dbName) or die("Couldnt Open Database") ;
         $query="select user_name as user,user_password as pass from login";
         $results=mysql_query($query,$link) or mysql_error();
         $flaglogin=0;
          while ($getrow=mysql_fetch_row($results)){
              if ($_POST['uname']==$getrow[0]){
                if ($_POST['pass']==$getrow[1]){
                 //$strHTML= "<center><h1>Welcome"." ".ucwords(strtolower($_POST['uname']))." "."To Alumni Control Panel</h1></center>";
                 $_SESSION['LoggedIn']="yes"; 
				 header("Location: controlpanel.php");
                 $flaglogin=1;
                }
              }
          }
        if ($flaglogin==0){
        $strHTML="<p><center><Form action=login.php method=post>";
        $strHTML=$strHTML."<br><B>User ID:</b>&nbsp;&nbsp;&nbsp;&nbsp;<input type=text name=uname>";
        $strHTML=$strHTML."<br><B>Password:</b>&nbsp;<input type=password name=pass>";
        $strHTML=$strHTML."<br><input type=Submit name=submit></form>";
        $strHTML=$strHTML."<br><font color=\"Red\">Error: Invalid ID/Password!</font></center>";
        }
    }
}
else{
	//display control panel
    header("Location: controlpanel.php");
}
?>
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 4.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<meta name="author" content="Sudershan Thaiba, sudershanthaiba@gmail.com">
<title>Alumni Administration</title>
</head>
<body>



<table border="0" cellpadding="0" cellspacing="0" width="706" height="388">
  <tr>
    <td width="701" height="70" align="center">
      <blockquote>
        <blockquote>
      <p align="center"><img border="0" src="../banner.jpg" width="464" height="86">
        </blockquote>
      </blockquote>
    </td>
  </tr>
  <tr>
    <td width="702" height="258" align="center" valign="top">
      <div style="position: absolute; top: 229; left: 104; width: 547; height: 19">
        <p align="center"><?php echo $strHTML;?>
      </div>
        </center>
    </td>
  </tr>
  <tr>
    <td width="701" height="60" align="center">
      <blockquote>
        <blockquote>
          <p align="center"><font color="#666699">Copyright
      2006, Bluegene Consulting Services<br></font>
      
          <a href="mailto:sudershanthaiba@gmail.com"><font color="#888577">Contact
          Webmaster</font></a>
        </blockquote>
      </blockquote>
      
  </tr>
</table>
</body>

</html>