From 17e2cfef8db3d946c518d3c670143eedeb94ab3b Mon Sep 17 00:00:00 2001 From: Nicolas Rannou Date: Thu, 1 Dec 2011 16:46:08 -0500 Subject: [PATCH] WIP: opens the good folder --- login.php | 6 ++++++ registeredarea.php | 9 ++++++--- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/login.php b/login.php index b400559..873674c 100644 --- a/login.php +++ b/login.php @@ -17,12 +17,15 @@ mysql_select_db("$db_name", $con)or die("cannot select DB"); // username and password sent from form + $myusername=$_POST['username']; $mypassword=$_POST['password']; $myemail=$_POST['email']; // To protect MySQL injection (more detail about MySQL injection) + $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myemail = stripslashes($myemail); + $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $myemail = mysql_real_escape_string($myemail); $mypassword = md5($mypassword); @@ -36,7 +39,10 @@ if($count==1){ // Register $myusername, $mypassword and $myemail and redirect to file "login_success.php" //$_SESSION["myemail"] = $myemail; + $_SESSION["myemail"] = $myemail; + $_SESSION["myusername"] = $myusername; session_register("myemail"); + session_register("myusername"); header("location:registeredarea.php"); exit; } diff --git a/registeredarea.php b/registeredarea.php index dba770d..36ff30f 100644 --- a/registeredarea.php +++ b/registeredarea.php @@ -11,11 +11,14 @@