|
does anyone see anything wrong with this code:
<?php
$Array["username"] = trim($Array["username"]);
$Array["password"] = trim($Array["password"]);
// Database
$host = "darkstar";
$user = "root";
$dpassword = "123";
$dbname = "ao_db2003";
$link = mysql_connect($host, $user, $dpassword)
or die("Could not connect");
mysql_select_db("ao_db2003")
or exit("Could not select database");
$query = "Select password from users where(username = '$Array[username]')";
$result = mysql_query ($query, $link)
or die("error2");
while ($row = mysql_fetch_array ($result)) {
if ($row["password"] == $Array["password"]) {
$cpass = $Array["password"];
$cuser = $Array["username"];
setcookie("cuser", $cuser);
setcookie("cpass", $cpass);
$logtime = time();
$logtime2 = $logtime - 600;
$request = mysql_query ("DELETE FROM online WHERE (logtime < $logtime2)")
or die("error1");
$request = mysql_query ("DELETE FROM online WHERE (cuser='$cuser')")
or die("error");
$sql = "INSERT INTO online VALUES ('$cuser','$logtime')";
if (!$result = mysql_query($sql)){echo mysql_error();}
mysql_close($link);
header("location: main.php");
exit;
} else {
mysql_close($link);
header("location: failed.php");
exit;
};
};
mysql_close($link);
?>
|