session_start();
import_request_variables('GP', "login_");
if(!isset($login_username)) {
$login_username = "";
}
$_SESSION['login'] = "$login_username";
if (isset($_GET['logout']) and $_GET['logout'] == 1) {
session_destroy();
print "
";
} else {
include ("includes/dbinfo.php");
include ("includes/header.php");
include ("includes/functions.php");
print "Contributor Log In
\n";
/*The $user_info_query locates the user's record in the Contributors table*/
$user_info_query = "SELECT * FROM Contributors WHERE login LIKE
'$login_username' AND user_type>0";
$user_info_result = mysql_query($user_info_query);
$row_user = mysql_fetch_array($user_info_result);
/*If $row_user returns a value, the password in the user's record is
compared to the login password. If there is a match, the login is
confirmed. If not, a message is printed letting the user know the password
is incorrect.*/
if ($row_user) {
if ($row_user['passwd'] == $login_password) {
$_SESSION['user_type'] = "$row_user[user_type]";
$_SESSION['user_id'] = "$row_user[id]";
$_SESSION['user_name'] = "$row_user[name]";
$log_query = "UPDATE Contributors SET last_login = NOW() WHERE id= $row_user[id]";
$log_result = mysql_query($log_query);
print "";
} else {
print "Sorry, the password you entered does not match the one in our file. Please try again.
";
}
/*If $row_user is empty, it means the username could not be found in the
users table. Therefore, the username
was entered incorrectly in the login screen.*/
} elseif ($_SESSION['login']) {
print "Sorry, the login name you entered does not exist in our system. Please try again.
";
}
print "
\n";
include ("includes/footer.php");
}
?>