import_request_variables("gP", "");
$password = $_POST['password'];
$password = md5($password);
if ($login=='1') {
$linkm = mysql_connect("localhost", "thegaunt", "t4ntr1c") or die("Could not connect");
mysql_select_db("the_gauntlet_com", $linkm) or die("Could not select database");
$result = mysql_query( "SELECT * FROM mm_cthegauntlet WHERE password='".$HTTP_POST_VARS["password"]."' AND username='".$HTTP_POST_VARS["username"]."'", $linkm );
if ( mysql_num_rows($result) > 0 ) {
$row = mysql_fetch_assoc($result);
$hour = time() + 3600*24*30;
setcookie('thegauntletlog', $row["ID"], $hour, '/', '.thegauntlet.com');
header("Location:bandboards.php?bid=".$HTTP_POST_VARS["bid"]);
} else {
$error = 'Incorrect username or password.';
$ac=1;
};
};
if ($login=='news') {
$linkm = mysql_connect("localhost", "thegaunt", "t4ntr1c") or die("Could not connect");
mysql_select_db("the_gauntlet_com", $linkm) or die("Could not select database");
$result = mysql_query( "SELECT * FROM mm_cthegauntlet WHERE password='".$_POST["password"]."' AND username='".$_POST["username"]."'", $linkm );
if ( mysql_num_rows($result) > 0 ) {
$row = mysql_fetch_assoc($result);
$hour = time() + 3600*24*30;
setcookie('thegauntletlog', $row["ID"], $hour, '/', '.thegauntlet.com');
header("Location:/article/$bid/$id/.html");
} else {
$error = 'Incorrect username or password.';
$ac=1;
};
};
if ($login=='mon') {
$linkm = mysql_connect("localhost", "thegaunt", "t4ntr1c") or die("Could not connect");
mysql_select_db("the_gauntlet_com", $linkm) or die("Could not select database");
$result = mysql_query( "SELECT * FROM mm_cthegauntlet WHERE password2='$password' AND username='".$_POST["username"]."'", $linkm );
if ( mysql_num_rows($result) > 0 ) {
$row = mysql_fetch_assoc($result);
$hour = time() + 3600*24*30;
setcookie('thegauntletlog', $row["ID"], $hour, '/', '.thegauntlet.com');
header("Location:/metalornot/");
} else {
$error = 'Incorrect username or password.';
$ac=1;
};
};
if ($login=='album') {
$linkm = mysql_connect("localhost", "thegaunt", "t4ntr1c") or die("Could not connect");
mysql_select_db("the_gauntlet_com", $linkm) or die("Could not select database");
$result = mysql_query( "SELECT * FROM mm_cthegauntlet WHERE password='".$HTTP_POST_VARS["password"]."' AND username='".$HTTP_POST_VARS["username"]."'", $linkm );
if ( mysql_num_rows($result) > 0 ) {
$row = mysql_fetch_assoc($result);
$hour = time() + 3600*24*30;
setcookie('thegauntletlog', $row["ID"], $hour, '/', '.thegauntlet.com');
header("Location:/albuminfo/$bid/$aid/.html");
} else {
$error = 'Incorrect username or password.';
$ac=1;
};
};
if ($login=='dt') {
$linkm = mysql_connect("localhost", "thegaunt", "t4ntr1c") or die("Could not connect");
mysql_select_db("the_gauntlet_com", $linkm) or die("Could not select database");
$result = mysql_query( "SELECT * FROM mm_cthegauntlet WHERE password='".$HTTP_POST_VARS["password"]."' AND username='".$HTTP_POST_VARS["username"]."'", $linkm );
if ( mysql_num_rows($result) > 0 ) {
$row = mysql_fetch_assoc($result);
$hour = time() + 3600*24*30;
setcookie('thegauntletlog', $row["ID"], $hour, '/', '.thegauntlet.com');
header("Location:/dangeroustruths/article.php?id=$id");
} else {
$error = 'Incorrect username or password.';
$ac=dt;
};
};
if ($login=='showreview') {
$linkm = mysql_connect("localhost", "thegaunt", "t4ntr1c") or die("Could not connect");
mysql_select_db("the_gauntlet_com", $linkm) or die("Could not select database");
$result = mysql_query( "SELECT * FROM mm_cthegauntlet WHERE password='".$HTTP_POST_VARS["password"]."' AND username='".$HTTP_POST_VARS["username"]."'", $linkm );
if ( mysql_num_rows($result) > 0 ) {
$row = mysql_fetch_assoc($result);
$hour = time() + 3600*24*30;
setcookie('thegauntletlog', $row["ID"], $hour, '/', '.thegauntlet.com');
header("Location:/addshowreview.php");
} else {
$error = 'Incorrect username or password.';
$ac="showreview";
};
};
if ($login=='albumreview') {
$linkm = mysql_connect("localhost", "thegaunt", "t4ntr1c") or die("Could not connect");
mysql_select_db("the_gauntlet_com", $linkm) or die("Could not select database");
$result = mysql_query( "SELECT * FROM mm_cthegauntlet WHERE password='".$HTTP_POST_VARS["password"]."' AND username='".$HTTP_POST_VARS["username"]."'", $linkm );
if ( mysql_num_rows($result) > 0 ) {
$row = mysql_fetch_assoc($result);
$hour = time() + 3600*24*30;
setcookie('thegauntletlog', $row["ID"], $hour, '/', '.thegauntlet.com');
header("Location:/addalbumreview.php");
} else {
$error = 'Incorrect username or password.';
$ac="albumreview";
};
};
if ($ac=='3') {
import_request_variables("gP", "");
$linkm = mysql_connect("localhost", "admin", "cr4wf0rd") or die("Could not connect");
mysql_select_db("the_gauntlet_com", $linkm) or die("Could not select database");
$uid = md5($email);
$sql = "INSERT INTO mm_cthegauntlet VALUES (null, '$email', now(), 1, '$uid', 1, '$name', '$country', '$username', '$password')";
$result = mysql_query( $sql, $linkm ) or die("Problem query ".$sql);
$id = mysql_insert_id();
$hour = time() + 3600*24*30;
setcookie("thegauntletlog", $id, $hour);
header("Location:bandboards.php?bid=$bid");
};
if (isset($delcookie)) { setcookie("thegauntletlog", "", time()); };
include("/home2/thegaunt/www/common/header-new.php");
include("/home2/thegaunt/www/adm/connectdb.php");
?>
if ($ac=='1') { /// on submit check for login echo $error; ?> | Forgot username/pw?