<?
$token = md5(uniqid(rand(), TRUE));
$_SESSION['token'] = $token;
?>
<form name="giris" method="post" action="<?=$siteurl;?>/islem2.php?yap=giris&guv=<?=$token;?>">
<table>
<tr>
<td>Kullanıcı adı : </td>
<td><input name="username" type="text" size="12" maxlength="20"></td>
</tr>
<tr>
<td>Sifre : </td>
<td><input name="password" type="password" size="12" maxlength="20"></td>
</tr>
<tr>
<td>Hatırla : </td>
<td><input type="checkbox" name="remember" value="1"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td><input name="buton" type="submit" id="buton" value="Giriş Yap" class="submit"></td>
</tr>
</table>
<? echo $error; ?>
</form>
<?
session_start();
include("config.php");
include("config2.php");
@mysql_query("SET NAMES 'latin5'");
switch ($_GET['yap'])
{
case 'giris':
if($yap==giris){
$guv2=addslashes(strip_tags(trim($_POST[guv])));
if($guv2== $_SESSION['token']){
if(empty($username)){header ("Location:$siteurl/index.php?yap=onay&hata=1"); exit();}
if(empty($password)){ header ("Location:$siteurl/index.php?yap=onay&hata=2"); exit();}
$username2=addslashes(strip_tags(trim($username))) ;
$password2=md5(addslashes(strip_tags(trim($passwor d))));
$sql=mysql_query("select * from member where username='$username2' and password='$password2'");
$varmi=mysql_num_rows($sql);
if($varmi>0){
if ($remember == '1'){
setcookie("paylasim_user", "$username2", time()+3600, "/", "$siteurl", 0);
}
$_SESSION['valid_user'] = mysql_escape_string(mysql_result($sql, 0, 9));
header("Location:index.php");
} else {header("Location:$siteurl/index.php?yap=onay&hata=3");}
} else {exit(); die();}
}
break;
default:
break;
}
?>