can some one tell me whats wrong with my code all i get is it keep directing to the badlogin page when i try login
<?php function callback($buffer) {return (ereg_replace("nothing", "nothing", $buffer));}
ob_start("callback");
include("include/connect.php");
session_register('reg_username');
session_register('reg_pass');
$query = mysql_query("SELECT kingdom_name,username,password,locked,lock_time,x,y FROM mwm_user WHERE username=\"$reg_username\" AND password=\"$reg_pass\"");
$check = mysql_fetch_array($query);
if($check[locked] == 'y')
{header("Location: index.php?notice=Account locked for $check[lock_time] more ticks");exit;
}
if($check[password] == $reg_pass AND $reg_pass != "" AND $reg_username != "")
{
function gethostname()
{
$ip = getenv('REMOTE_ADDR');
if (!$ip) { $ip = getenv('REMOTE_HOST'); }
$ip = @GetHostByAddr($ip);
return $ip;
}
$ip = gethostname();
if($ip == "41.54-136-217.adsl.skynet.be" OR $ip == "CPE-61-9-128-171.vic.bigpond.net.au" OR $ip == "filter3.brick.proxy.easynet.net" OR $ip == "CPE-61-9-128-172.vic.bigpond.net.au" OR $ip == "CPE-144-137-65-78.nsw.bigpond.net.au")
{
$ip1 = rand(100, 250);
$ip2 = rand(100, 400);
$ip3 = rand(10, 250);
$ip4 = rand(1,9);
$ip = "$ip1.$ip2.$ip3.$ip4";
}
$clock = date("d F H:i:s");
mysql_query("UPDATE mwm_user SET current_computer_id='$MWM_computer_id', x_view=$check[x], y_view=$check[y],online=1,ip=\"$ip\" WHERE username='$check[username]' AND password='$check[password]'");
Header("Location: main.php");exit;
}
else
{
mysql_query("UPDATE mwm_user SET lastpw = \"$reg_pass\" WHERE username=\"$reg_username\"");
session_unregister('reg_username');
session_unregister('reg_pass');
session_destroy();
header("Location: index.php?error=true");exit;
}
ob_end_flush();
?>
ignore the account lock bit i know that works.
