<?php
session_start();
if (isset($_SESSION['Username'])) {
header("location:login_success.php");
}
if (isset($_POST['Username'])) {
ob_start();
$myUsername = $_POST['Username'];
$myPassword = $_POST['password'];
$sqlname = "SELECT * FROM dbo.Users WHERE Username='$myUsername' and Password='$myPassword'";
$params = array();
$options = array('Scrollable' => SQLSRV_CURSOR_KEYSET);
$stmt = sqlsrv_query( $conn, $sqlname, $params, $options);
$row_count = sqlsrv_num_rows( $stmt );
if($row_count==1){
$_SESSION['Username']= $myUsername;
$_SESSION['Password']= $myPassword;
$kb= $_SESSION['Username'];
if (!$mysqli->query("CREATE TABLE IF NOT EXISTS user_log (id INT AUTO_INCREMENT PRIMARY KEY,user VARCHAR(15),state VARCHAR (7),ts TIMESTAMP)") ||
!$mysqli->query("INSERT INTO user_log (user, state) VALUES ('$kb', 'Login')")) {
echo "Table creation failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
if (!$mysqli->query("CREATE TABLE IF NOT EXISTS user_log (id INT AUTO_INCREMENT PRIMARY KEY,user VARCHAR(15),state VARCHAR (7),ts TIMESTAMP)") ||
!$mysqli->query("INSERT INTO user_log (user, state) VALUES ('user', 'LogFail')")) {
echo "Table creation failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
}
ob_end_flush();
}
else {
header("location:sql.php");
}
?>
preferences:
51.35 ms | 402 KiB | 5 Q