";
echo "Try again";
exit;
### HACK END
require('sanitize.inc.php');
$username = sanitize($_SERVER['PHP_AUTH_USER'],SQL);
$password = sanitize($_SERVER['PHP_AUTH_PW'],SQL);
// connect to the mysql server
$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());
// select the database
mysql_select_db($database)
or die ("Could not select database because ".mysql_error());
$match = "select user_name from $table where user_name = '".$username."'
and user_passwd = ENCRYPT('".$password."',user_salt);";
$qry = mysql_query($match)
or die ("Could not match data because ".mysql_error());
$num_rows = mysql_num_rows($qry);
if ($num_rows <= 0) {
header('HTTP/1.0 401 Unauthorized');
echo "Sorry, there is no username ".$username." with the specified password.
";
echo "Try again";
exit;
} else {
$url = "/mp3s/";
# if (!headers_sent()) {
# ob_end_clean();
# header("Location: " . $url);
# }
printf("");
# printf("", $url);
printf("", $url, $url);
echo "You are now logged in!
";
printf("Redirect ",$url);
printf("");
}
} else {
header('HTTP/1.0 401 Unauthorized');
echo "You shall not pass!
";
}
?>