30)) {
$error .= "Your username is the incorrect length.";
$add_body = " onLoad=\"document.forms.mainform.u.focus();\"";
}
elseif(strlen($p) == 0) {
$error .= "Please tell us your password.";
$add_body = " onLoad=\"document.forms.mainform.p.focus();\"";
}
elseif((strlen($p) < 6) || (strlen($p) > 20)) {
$error .= "Your password is the incorrect length.";
$add_body = " onLoad=\"document.forms.mainform.p.focus();\"";
}
if(strlen($error) == 0) {
// commit
$u = strtolower($u);
$p = strtolower($p);
$find_user = mysql_query("SELECT m_clients.id, m_clients.lastlogondate, m_clients.lastloginip, m_clients.isadmin, m_sites.url, m_sites.id AS siteid FROM m_clients LEFT JOIN m_sites ON m_clients.id = m_sites.clientid WHERE m_clients.username = '".formatfield($u)."' AND m_clients.password = '".formatfield($p)."'");
if($find_user) {
if(mysql_numrows($find_user) == 1) {
// on success
// is currently admin
if($_SESSION['loggedin'] == TRUE) {
if(isAdmin()) {
$trackadmin = $_SESSION['clientid'];
$trackadminuser = $_SESSION['username'];
}
else $trackadmin = FALSE;
}
else $trackadmin = FALSE;
// update lastlogin
$ipaddress = GetHostByName($REMOTE_ADDR);
$_SESSION['loggedin'] = TRUE;
$_SESSION['username'] = $u;
$_SESSION['clientid'] = mysql_result($find_user, 0, id);
$lastlogind = mysql_result($find_user, 0, lastlogondate);
if($lastlogind == "0000-00-00 00:00:00") $lastlogind = "n/a";
else $lastlogind = substr($lastlogind, 8, 2)."/".substr($lastlogind, 5, 2)."/".substr($lastlogind, 0, 4)." ".substr($lastlogind, 11, 8);
$_SESSION['lastlogin'] = $lastlogind;
$lastloginip = mysql_result($find_user, 0, lastloginip);
if(strlen($lastloginip) == 0) $lastloginip = "n/a";
$_SESSION['lastloginip'] = $lastloginip;
$_SESSION['clientsite'] = mysql_result($find_user, 0, url);
$_SESSION['clientsiteid'] = mysql_result($find_user, 0, siteid);
$_SESSION['isadmin'] = mysql_result($find_user, 0, isadmin);
if($trackadmin != FALSE) {
$_SESSION['trackadmin'] = $trackadmin;
$_SESSION['trackadminuser'] = $trackadminuser;
}
else {
$_SESSION['trackadmin'] = FALSE;
$_SESSION['trackadminuser'] = FALSE;
}
if($trackadmin == FALSE) $update = mysql_query("UPDATE m_clients SET lastlogondate = NOW(), lastloginip = '".$ipaddress."' WHERE id = ".mysql_result($find_user, 0, id)." LIMIT 1");
header("Location: members-index.html");
exit;
}
else {
$error = "Your username and password have not matched. Please try again or contact support.";
$add_body = " onLoad=\"document.forms.mainform.p.focus();\"";
}
}
else {
$error = "Your username and password have not matched. Please try again or contact support.";
$add_body = " onLoad=\"document.forms.mainform.p.focus();\"";
}
}
}
else $add_body = " onLoad=\"document.forms.mainform.u.focus();\"";
include("header.php");
?>
Please enter your username and password below to access your account. If you dont have an account join us here:
0) {
echo "
".show_error($error)."
";
}
?>