Check this out, let me know what would be benefital to make my code better.
Thanks,
Chad
// Login variable
$loginnow = $_POST['loginnow'];
if(isset($loginnow))
{
// Get username/password from form
$username = trim($_POST['username']);
$userpwd = trim($_POST['userpwd']);
if((empty($username)) || (empty($userpwd)))
{
$username_error = 1;
$errors = 1;
$error_written = "Username and Password is required.";
}else{
// There was a valid username.
include_once("includes/db.connection.inc.php");
$get_user_info = "SELECT * FROM homes_users WHERE users_name='$username'";
$get_user_info_result = mysql_query($get_user_info);
if(mysql_num_rows($get_user_info_result) < 1)
{
// Set the error message to the username/password invalid problem.
$errors = 1;
$error_written = "Your username/password is invalid.";
}else{
while($user_info = mysql_fetch_array($get_user_info_result))
{
// Get the core values
$user_id = $user_info['users_id'];
$user_pwd = $user_info['users_pwd'];
if(md5($userpwd) == $user_pwd)
{
if($user_info['users_active'] == 1)
{
// Set the SESSION variables
$_SESSION['GLOBAL_ID'] = $user_id;
$_SESSION['GLOBAL_NAME'] = $user_info['users_name'];
// Update their account
$today = date("F j, Y, g:i a");
$update_account = "UPDATE homes_users SET users_lastlogin='$today' WHERE users_id='$user_id'";
mysql_query($update_account);
echo "<meta http-equiv='refresh' content='0; URL=admin.index.php'>";
exit();
}else{
// Get the error messages.
$errors = 1;
$error_written = "You are not authorized to view this section.";
}
}else{
// Set the error message to the username/password invalid problem.
$errors = 1;
$error_written = "Your username/password is invalid.";
}
}
}
}
}
