Login script is now
<?php include ($_SERVER['DOCUMENT_ROOT'].'/dblink.php'); ?>
<?php include ($_SERVER['DOCUMENT_ROOT'].'/addon.php'); ?>
<?php
$username=$_POST['username'];
$password=$_POST['password'];
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$checkus = mysql_fetch_array(mysql_query("SELECT * FROM members WHERE username='$username'"));
$pword2 = md5($password);
$check = mysql_fetch_array(mysql_query("SELECT * FROM members WHERE username='$username' AND password='$pword2'"));
$changepass = mysql_fetch_array(mysql_query("SELECT * FROM members WHERE username='$username'"));
if($changepass[changedpass] == 0)
{
die(header("Location: $baseurl/change_pass.php?error=Please+update+your+details+to+keep+your+account+safe."));
}
if ($check[username])
{
if($check[verify]==1)
{
setcookie("lutari_user",$check[username], time()+60*60*24*365, "/staff/");
setcookie("lutari_pass",$check[password],time()+60*60*24*365, "/staff/");
setcookie("sketchedneo_user",$check[username], time()+60*60*24*365, "/staff/");
setcookie("sketchedneo_pass",$check[password], time()+60*60*24*365, "/staff/");
die(header("Location: $baseurl/staff/index1.php?error=Welcome+back+$username+"));
}
if($check[verify]==0)
{
die(header("Location: $baseurl/staff/index.php?error=Please+check+your+emails+and+activate+your+account."));
}
}
else
{
die(header("Location: $baseurl/staff/index.php?error=Error++Please+check+your+details+or+register."));
}
session_start();
// Rank Limit
$limit = 1;
// Using a session
$rank = $_SESSION['rank'];
// Using a cookie
$rank = $_COOKIE['rank'];
if ($rank < $limit) {
header("$baseurl/index.php?error=You+can+not+view+this+page.");
exit();
die();
}
?>
(i just put rank limit as 1 as the index info page is the page all members can see)
Im a little confused to what now sits at the top of pages?
I do also remove
if (!$checkrank) { $checkrank = 0; }
if (!$rank) { $rank = 0; }
if (!$rank == ' ') { $rank = 0; }
if ($rank < $checkrank)
{
header("Location: $baseurl/index.php?error=You+can+not+view+this+page.");
}
$userinfo = mysql_fetch_array(mysql_query("SELECT * FROM members WHERE username='$username'"));
$rank = $userinfo[rank];
I dont know how I would re-code this next one if removed
if ($rank >= 30)
{
$admin = "<a href=\"$baseurl/staff/admin.php\">Admin</a>";
}
and then on all pages Do I removed
$checkrank = 5;
Im a little confused