$ip failed to login to $username, password was NULL.', '{$date}')";
mysql_query($insertLog) or die('MySQL Error - Could not insert log');
// Redirect to false login
header("Location: index.php?invalid=true");
}else{
// If the username and password match
if ($username == $data['username'] && $password == $data['password'] && $pin == $data['pin']){
// Set some session vars
$_SESSION["status"] = "loggedin";
$_SESSION["username"] = $username;
$_SESSION["password"] = $password;
$_SESSION["pin"] = $pin;
$_SESSION["djname"] = $djname;
// Get the ID of the user from the DB
$myID = mysql_query("select * from users where username = '{$username}'");
$myID = mysql_fetch_array($myID);
$myID = $myID['id'];
// Update the last login
$updateLastLogin = mysql_query("UPDATE users SET lastlogin = '{$date}' WHERE id = '{$myID}'") or die(mysql_error());
// Get info from DB about max infractions + suspended
$info = mysql_query("SELECT * from `info`");
$info = mysql_fetch_array($info);
if ($_SESSION[infractions] >= $info[maxinfractions] ){
die("you have been suspended from djing");
}
// Insert into the log
$logged = mysql_query("SELECT * FROM `users` WHERE `username`='{$_SESSION['username']}' AND password = '{$_SESSION['password']}'");
$logged = mysql_fetch_array($logged);
$insertLog = "INSERT INTO `logs` ( `log` , `date` ) VALUES ('$username (DJ-$logged[djname]) logged in from $ip', '$date')";
mysql_query($insertLog) or die('MySQL Error - Could not insert log');
// Redirect to the index
header("Location: index.php?p=_user/home");
exit;
}else{
// Wrong username and password
$insertLog = "INSERT INTO `logs` ( `log` , `date` ) VALUES ('$ip failed to login to $username.', '$date')";
mysql_query($insertLog) or die('MySQL Error - Could not insert log');
header("Location: index.php?invalid=true");
} // Close DB
include("closedb.php");
}
?>