PHP - Php. Login Form Code Is Ok?

i need help for writing a code that will get only the base url and will return you the login url, for example

Base url = www.yahoo.com

and in return you will get the

yahoo login page url where you input the user name and password, remember the code should be dynamic i.e. what ever base url you give it will return the login/sign in url of the corrosponding url.


please help in this regard.

Regards

Hi,
I'm trying to login oscommerce with manual code. but unable to do that. all entries going to database but don't understand what is missing???
here is my code

Code: [Select]
$email_address = $_REQUEST['txtemail'];
       $password = $_REQUEST['password'];

    $check_customer_query = mysql_query("select customers_id, customers_firstname, customers_password, customers_email_address, customers_default_address_id from customers where customers_email_address = '" . $email_address . "'");
    if (mysql_num_rows($check_customer_query)> 0)
{
   $check_customer = mysql_fetch_assoc($check_customer_query);
  if (!tep_validate_password($password, $check_customer['customers_password']))
   {
     echo "password not found.";
   }else {

 

  tep_session_recreate();


$check_country_query = mysql_query("select entry_country_id, entry_zone_id from address_book where customers_id = '" . (int)$check_customer['customers_id'] . "' and address_book_id = '" . (int)$check_customer['customers_default_address_id'] . "'");
$check_country = mysql_fetch_array($check_country_query);

$customer_id = $check_customer['customers_id'];
$customer_default_address_id = $check_customer['customers_default_address_id'];
$customer_first_name = $check_customer['customers_firstname'];
$customer_country_id = $check_country['entry_country_id'];
$customer_zone_id = $check_country['entry_zone_id'];
tep_session_register('customer_id');
tep_session_register('customer_default_address_id');
tep_session_register('customer_first_name');
tep_session_register('customer_country_id');
tep_session_register('customer_zone_id');

mysql_query("update customers_info set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1 where customers_info_id = '" . (int)$customer_id . "'");


anyone have any idea about?

When I log in on my web-site it takes me to a php login-check page

This is the error code that I am getting;

Quote

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in D:\xampp\htdocs\login-check.php on line 26


This is the php code that i am using;

Code: [Select]
<?php
$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password=""; // Mysql password 
$db_name="deliverpizza"; // Database name 
$tbl_name="customer, admin, staff"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_privelage.php");
}
else {

}
?>

I have this working code except I can't redirect to a thank you page when a new user registers.  When they login it works without issue.  I just don't know where or what to put for the registration part.   Here is my Code.  Any help would be much appreciated.   <?php  

Registration.php

Code: [Select]
<html>
<head>
<script type="text/javascript">
 function a()
{
   var x = document.login.username.value;
   var y = document.login.pass.value;

   if(x==""&& y=="")
   {
    alert("Please insert all message!");
    return false;
   }
   if(x=="")
   {
     alert("Please insert an username!");
     return false;
   }
   if(y=="")
   {
     alert("Please insert an password!");
     return false;
   }
}
</script>
</head>
<?php
 session_start();
    mysql_connect("localhost","root") or die(mysql_error());
    mysql_select_db("cute") or die(mysql_error());
    //session_start();
    $username = $_POST['username'];
    $password = $_POST['pass'];
    if (isset($_POST["submit"]))
    {
     $log = "SELECT * FROM regis WHERE username = '$username'";
     $login = mysql_query($log);
     $number = mysql_num_rows($login);

     if ($number == 0)
     {
      print "That user does not exist in our database. <a href=registration.php><input type='button' value='Register'></a>";
     }
      if ($number > 0)
     {
      $_SESSION['is_logged_in'] = 1;
     }
     if(!isset($_SESSION['is_logged_in']))
     {
     }
     else
     {
        echo "<meta http-equiv='refresh' content='0; url=form2.php'>";
     }


    }
    else
    {


?>
 <body>
 <table border="0">
 <form name="login" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" onsubmit="return a()">
 <tr><td colspan=2><h1>Login</h1></td></tr>
 <tr><td>Username:</td>
 <td><input type="text" name="username" maxlength="40"></td></tr>
 <tr><td>Password:</td>
 <td><input type="password" name="pass" maxlength="50"></td></tr>
 <tr><td><input type="submit" name="submit" value="Register"></a></td>
 <td><input type="submit" name="submit" value="Login"></td></tr>
 </form>
 </body>
 <?php

  }

 

 ?> </html>


form2.php

Code: [Select]
<?php
session_start();

if (!isset($_SESSION['is_logged_in'])) {
     header("Location:login.php");
     die();     // just to make sure no scripts execute
}
?>
<?php
mysql_connect("localhost","root") or die(mysql_error());
mysql_select_db("cute") or die(mysql_error());
$message=$_POST['message'];
$n=$_POST['username'];


if(isset($_POST['submit'])) //if submit button push has been detected

{


   if(strlen($message)>1)
   {
      $message=strip_tags($message);
      $IP=$_SERVER["REMOTE_ADDR"]; //grabs poster's IP
      $checkforbanned="SELECT IP from ipbans where IP='$IP'";
      $checkforbanned2=mysql_query($checkforbanned) or die("Could not check for banned IPS");

    if(mysql_num_rows($checkforbanned2)>0) //IP is in the banned list
    {
     print "You IP is banned from posting.";
    }

    else
    {
     $thedate = date("U"); //grab date and time of the post
     $insertmessage="INSERT into chatmessages (name,IP,postime,message) values('$n','$IP','$thedate','$message')";
     mysql_query($insertmessage) or die("Could not insert message");
    }
   }
}


 ?>
<html>
<head>
<script type="text/javascript">
function addsmiley(code)
{
var pretext = document.smile.message.value;
              this.code = code;
              document.smile.message.value = pretext + code;
}

function a()
{
 var x = document.smile.message.value;
 if(x=="")
 {
  alert("Please insert an message!");
  return false;
 }

}

</script>
<style type="text/css">
body{ background-color: #d8da3d }
</style>
</head>
<body>
  <form name="smile" method="post" action="form2.php" onSubmit="return a()" >
   Your message:<br><textarea name='message' cols='40' rows='2'></textarea><br>
   <img src="smile.gif" alt=":)" onClick="addsmiley(':)')" style="cursor:pointer;border:0" />
   <img src="blush.gif" alt=":)" onClick="addsmiley('*blush*')" style="cursor:pointer;border:0" />
   <input type="hidden" name="username" value="<?php echo $n;?>">
   <input type='submit' name='submit' value='Send' class='biasa'  ></form>

   
 
  <br> <br>
  </body>
</html>

My problem is after i login it redirect to login page although im had put after login page its need to go to form2.php page may i know which problem because now only im learning session

mysql_connect('', '', '');
mysql_select_db('');

if (isset($_POST['submit'])) {
  $user = mysql_real_escape_string($_POST['user']);
  $pass = mysql_real_escape_string($_POST['pass']);
  $sql = "SELECT id FROM login WHERE username = '$user' && `password` = MD5('$pass')";
  if ($result = mysql_query($sql)) {
    if (mysql_num_rows($result)) {
      // $user & $pass are valid
               echo "You Logged In $user";
    } else {
      // $user || $pass invalid
                echo "Invalid Login";
    }
  }
}

Hello, for some reason I am unable to get the following code to work:

Code: [Select]
<?php
echo "<h1>Login</h1>";

if ($_SESSION['uid']) {
    echo "&nbsp; &nbsp; You are already logged in, if you wish to log out, please <a href=\"./logout.php\">click here</a>!\n";
} else {

if (!$_POST['submit']) {
echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n";
echo "<form method=\"post\" action=\"./login.php\">\n";
echo "<tr><td>Username</td><td><input type=\"text\" name=\"username\"></td></tr>\n";
echo "<tr><td>Password</td><td><input type=\"password\" name=\"password\"></td></tr>\n";
echo "<tr><td colspan=\"2\" align=\"right\"><input type=\"submit\" name=\"submit\" value=\"Login\"></td></tr>\n";
echo "</form></table>\n";
}else {
$user = addslashes(strip_tags(($_POST['username'])));
$pass = addslashes(strip_tags($_POST['password']));
        
            if($user && $pass){
                $sql = "SELECT id FROM `users` WHERE `username`='".$user."'";
                $res = mysql_query($sql) or die(mysql_error());
                if(mysql_num_rows($res) > 0){
                    $sql2 = "SELECT id FROM `users` WHERE `username`='".$user."' AND `password`='".md5($pass)."'";
                    $res2 = mysql_query($sql2) or die(mysql_error());
                    if(mysql_num_rows($res2) > 0){

$query = mysql_query("SELECT locked FROM `users` WHERE `username`='".$user."'");
$row2 = mysql_fetch_assoc($query);
$locked = $row2['locked'];

$query = mysql_query("SELECT active FROM `users` WHERE `username`='".$user."'");
$row3 = mysql_fetch_assoc($query);
$active = $row3['active'];

$query = mysql_query("SELECT email FROM `users` WHERE `username`='".$user."'");
$row3 = mysql_fetch_assoc($query);
$email = $row3['email'];


if ($active ==1){

if ($locked == 0){

$date = date("j")."^{".date("S")."} ".date("F, Y");

mysql_query("UPDATE users SET last_login='$date' WHERE username='$user'");

$row = mysql_fetch_assoc($res2);
$_SESSION['uid'] = $row['id'];
$previous = $_COOKIE['prev_url'];
echo "&nbsp; &nbsp; You have successfully logged in as " . $user . "<br><br><a href='" . $previous . "'>Click here</a> to go to the previous page.\n";
}else
{
echo "Your acount has been locked out due to a violation of the rules, if you think there has been a mistake please <a href='contact.php'>contact us</a>.";
}
} else {
echo "You need to activate your account! Please check your email ($email)";
}
   }else {
                        echo "&nbsp; &nbsp; Username and password combination are incorrect!\n";
                    }
                }else {
                    echo "&nbsp; &nbsp; The username you supplied does not exist!\n";
                }
            }else {
                echo "&nbsp; &nbsp; You must supply both the username and password field!\n";
            }
}

}
?>
It says that I have logged in successfully but the session is not created. You can find the script here and log in with the username "test" and the password "testing". I'm not sure what more information I should add.

Thanks,
Cameron

<?php
session_start( );
include_once( dirname( __FILE__ )."/../inc/func/get_sth.php" );
include_once( _ABSPATH_."/inc/func/header.php" );
if ( $_GET["f"] == "login" )
{
    $adminuser = strtolower( strip_tags( trim( $_POST["adminuser"] ) ) );
    $r_0 = strtolower( strip_tags( trim( $_SESSION["r"] ) ) );
    $r_1 = strtolower( strip_tags( trim( $_POST["r"] ) ) );
    if ( $r_0 == $r_1 )
    {
        $result = mysql_query( "SELECT password FROM admin where adminuser='".$adminuser."'" );
        $val = mysql_fetch_array( $result );
        if ( !$val["password"] )
        {
            $loginfail = 1;
        }
        else
        {
            if ( $val[password] === md5( $_POST["password"] ) )
            {
                $_SESSION['admin'] = $adminuser;
                header( "Location: ./" );
                exit( );
            }
            $loginfail = 1;
        }
    }
    else
    {
        $loginfail = 2;
    }
}
$page_title = l( "Administration Login" )." | ".get_sitename( );
$smarty->assign( "page_title", $page_title );
$smarty->assign( "loginfail", $loginfail );
$smarty->display( "mgt/login.tpl" );
?>

i am new to curl .and i m trying to create create a script to log into yahoo and click the confermation link in emails.
but i am stuck witht he login process only
i made the code below . but still i cant make it work. the problem is yahoo is implementing a captcha challange for this kind of automated headers. do you have any idea ho to make it work again without alerting the captcha challange ?

the header i caught through the livehttp header is as follows:

Content-Length: 347
.tries=1&.src=ym&.md5=&.hash=&.js=&.last=&promo=&.intl=in&.bypass=&.partner=&.u=4ls6cr96lbs8e&.v=0&.challenge=W9w31pCrbdazCcY4mH41fVsyxwd8&.yplus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=0&.chkP=Y&.done=http%3A%2F%2Fmail.yahoo.com&.pd=ym_ver%3D0%26c%3D%26ivt%3D%26sg%3D&pad=1&aad=1&login=myyahooid&passwd=mypassword&.persistent=y&.save=&passwd_raw=


<?php

    
    $authUrl    = "https: //login.  yahoo  .   com/config/login?";
    $userAgent  = "Mozilla/5.0 (Windows NT 5.1; rv:2.0b11) Gecko/20100101 Firefox/4.0b11";
    $referer    = "http  :  //  my  .  yahoo  .  com";
    $login      = "userid";
    $password   = "password";
    $numPostData = 22;
    $cookieFileJar  = "ycookie.txt";
    $cookie = 0;
    $postData = ".tries=1&.src=ym&.md5=&.hash=&.js=&.last=&promo=&.intl=in&.bypass=&.partner=&.u=4ls6cr96lbs8e&.v=0&.challenge=W9w31pCrbdazCcY4mH41fVsyxwd8&.yplus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=0&.chkP=Y&.done=http%3A%2F%2Fmail.yahoo.com&.pd=ym_ver%3D0%26c%3D%26ivt%3D%26sg%3D&pad=1&aad=1&login=$login&passwd=$password&.persistent=y&.save=&passwd_raw=" ;

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_USERAGENT, $userAgent);

    // Set the referrer
    curl_setopt($ch, CURLOPT_REFERER, $referer);

    // Set the authentication url
    curl_setopt($ch, CURLOPT_URL, $authUrl);

    // Set number of post fields
    curl_setopt($ch, CURLOPT_POST, $numPostData);

    //Set post data in key=value pair such as login=yourusername
    curl_setopt($ch, CURLOPT_POSTFIELDS, $numPostData);

    //Set filename for storing cookie information
    curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFileJar);

    //Set ffilename for checking the stored cookie information
    curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieFileJar);

    //Set option for cookie
    curl_setopt($ch, CURLOPT_COOKIE, $cookie);
 
 //set this to output the result as string and not output directly ot browser
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);

 //set this value to 1 if you want to redirect to the url you provided as service url
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
 
 //Set this option if you do not want to verify ssl
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
 
 //set this option if you do not want to verify peer's certificate
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
 
 //now execute the curl
    $res = curl_exec($ch);
     echo $res;
 //check if the username and password is valid
    if ((preg_match("/invalid/i", $res)) || (preg_match("/not yet taken/i", $res))) {
        echo "Invalid Login";
    }
    else {
  //if  CURLOPT_FOLLOWLOCATION is set to 1 then after logging in successfully user is directed to url that is specified as service url
        echo "Logged In";
    }
?>


then i have to work for clicking confermation links in mails. please suggest me some ways.i would be very grateful to you  

well basically im trying to do that the 'subject says.
ive done my homework and had around 10 examples of using curl, but none of them worked in my case.
this is the final code i'm using

<?php
$cookiefile = '/temp/cookies.txt';


#2 ways ive tried doing

#$data = array('edit[username]' => 'REMOVED', 'edit[password]' => 'REMOVED', 'edit[submit]' => 'Login');
$data = array('username] => 'REMOVED', 'password' => 'REMOVED', 'submit' => 'Login');




$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, 'http://pokerrpg.com');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);

curl_setopt($ch, CURLOPT_COOKIEFILE, $cookiefile);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookiefile);

curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);

curl_exec($ch);

curl_setopt($ch, CURLOPT_URL, 'http://pokerrpg.com/furniture_store.php');
$contents = curl_exec($ch);
$headers = curl_getinfo($ch);

echo $contents;

curl_close($ch);
unlink($cookiefile);
?>

im not sure about the cookie file, but i just made a txt file to that location. and empty txt file.  hope it's fine.

the page i'm trying is http://pokerrpg.com, you can even look the source code that both of these fields do exist.

when i run it, the output is a login page without logging in, so it does not log in. 

Hello -
I'm opening my website up to visitors for free, and trying to bypass a login screen to go straight into the data content that was appearing after a user logged in.  I have an index.php file that included the following code at the beginning:

 <?php
session_start();
include("database.php");
include("login.php");
include("/vservers/skyranks/db_connect.php");
?>
<?header("Cache-control: private"); ?>
<html>


I deleted the "include("login.php"); line, and was successful at bypassing the username and login screen.  However, the page that is supposed to display the data content is incomplete.  In fact, it only displays my company's logo.

Any ideas as to why the data content is not showing up? 

Thank you for any help with this, as my php is quite novice at this point.

Regards -

Joe

Hi guys,

I'm currently in the process of creating a login form. I'm using PHP to check a simple text file called 'users.txt' for the username and password which has been entered in the form.

If the username and password are NOT in the 'users.txt' file, it will create them on a new line.
Like so:

Users.txt
Code: [Select]
ExampleUser,ExamplePass\n
Marc,password
Craig,password
John,password

Once I try to log into an account which is NOT there, it will create an account underneath. So if I try to log in with username as "Matthew" and password as "password" it will show like so:

Code: [Select]
ExampleUser,ExamplePass\n
Marc,password
Craig,password
John,password
Matthew,password

Hoping this makes sense so far, all of the above works.
However when I click back, to go back onto the login form, I try to log in with one of the usernames/passwords in the 'users.txt' file, and it will create the exact same user on a new line, so I have 2 of the same usernames/passwords.

What I want it to do it, if the username is in the 'users.txt' file, for it to display a message saying "Congratulations you're logged in".

Here is the code for the PHP login page.

P4 LoginScriptFile.php
Code: [Select]
<?php
//This checks for required fields from the form.
if ((!$_POST[username]) || (!$_POST[password]))
{
header("Location: P4 LoginForm.php");
exit;
}

//This reads values from the form.
$form_user = $_POST[username];
$form_password = $_POST[password];

$flag = FALSE;
$filename = "users.txt";
$fp = fopen( $filename, "r" ) or die ("Couldn't open $filename");
while ( ! feof( $fp ) ) {
$line = fgets( $fp);
$user = strtok($line, ","); //Username
$password = strtok(","); //Password
if (($form_user == $user) && ($form_password == $password)) 
{
$flag = TRUE;
}
}

if ($flag)
{
echo "<br>Congratulations, you're logged in";
}

else{
$filename = "users.txt";
$updateuser = $_POST ['username'];
$updatepass = $_POST ['password'];

$fp = fopen( $filename, "a" ) or die("Couldn't open $filename");
fwrite( $fp, "$updateuser,$updatepass\n") or die ("Couldn't write values to your file!");
fclose( $fp );
echo "<br>An account has been created for you!";
}
?>

I think what I need is to read the file once the new user has been created. Any help would be greatly appreciated.
Thanks in advance for any help.
gixxx

User fills log in form on another page, but is then presented with "Your username cannot be found or password doesnt match" untill they press F5.... any ideas anyone?
Code: [Select]

<?php
mysql_connect("localhost","ambroid_mike","347610");
@mysql_select_db("ambroid_findapart") or die( "Unable to select database");

$user = $_POST['user'];
$pass = $_POST['pass'];

$mysqluser = ereg_replace("_", "\_", $user);
$query = "SELECT password FROM users WHERE username LIKE BINARY '$mysqluser'";
$result = mysql_query($query) or die("Error: ".mysql_error());
$row = mysql_fetch_array($result, MYSQL_NUM);
$foundpass = $row[0];


if ($foundpass == $pass) {
setcookie("FAPusername", $user);
setcookie("FAPpassword", sha1($foundpass));
$user = $_COOKIE['FAPusername'];
$pass = $_COOKIE['FAPpassword'];
}

$query = "SELECT * FROM users WHERE username='$user'";
$result = mysql_query($query) or die("Error: ".mysql_error());
$info = array();
$info = mysql_fetch_array($result, MYSQL_NUM);
$original = array();
$original = $info;

if (sha1($info[2]) != $pass) {
    mysql_close();
    die("<br><br><center><body bgcolor='#FFFFFF'><b><font face='Verdana' size='2pt'>Your username cannot be found or password doesnt match</font></b></center></body></html>");
}

?>

Hello, guys i hope you will help me with this cause i'm a complete newbie.
First 2 words about the goal :
I want to make a PHP script to autologin in one webpage and to get statistics in every 2 minutes. The account is mine so i dont want to scam or anything , just want to automate it cause this info i need in realtime, and refreshed often.
The page login page code looks like this :

Code: [Select]
<dl>
                    <dt>Username:</dt>
                    <dd><input type="text" name="user" size="20" value="" class="input_text" /></dd>
                    <dt>Password:</dt>
                    <dd><input type="password" name="passwrd" value="" size="20" class="input_password" /></dd>
                </dl>
                <dl>
                    <dt>Minutes to stay logged in:</dt>

                    <dd><input type="text" name="cookielength" size="4" maxlength="4" value="60" class="input_text" /></dd>
                    <dt>Always stay logged in:</dt>
                    <dd><input type="checkbox" name="cookieneverexp" class="input_check" onclick="this.form.cookielength.disabled = this.checked;" /></dd>
                </dl>
                <p><input type="submit" value="Login" class="button_submit" /></p>
and i try login like that :



Code: [Select]
$_login_url = 'URL of the login'; // url to login :)
$_user = 'myusername'; // username for login
$_pass = 'mypass'; // password..
$start = microtime(true);
    file_get_contents(
    $_login_url,
    false,
    stream_context_create(
        array(
          'http' => array(
            'method'  => 'POST',
            'header'  => 'Content-type: application/x-www-form-urlencoded',
            'content' => http_build_query(
            array(
                'user' => $_user,
                'passwrd' => $_pass,
                'cookielength' => '-1',
    //what here ???? 'Login',
               &nbsp;)
              ),
            )
          )
        )
    );
   
      $search['from'] = 'Set-Cookie: ';
      $search['to'] = ';';
      $cookie = array();
//the problem is that i cant login to go to the statistics page, cause site requires login for view.

Hello everyone,

When I submit my login form to go to my login page it goes to a white page and does not display an error.

Code: [Select]
<?php 
include("../secure/database.php");

if(!empty($_POST['loginsubmit'])){
if(!empty($_POST['email'])){

$email = securevar($_POST['email']);

if(!empty($_POST['passconf'])){

$pass = securevar($_POST['passconf']);

$q = "SELECT * FROM `accountinfo_db` WHERE `email` = '$email' AND `password` = '$pass'";

$res = mysql_query($q) or die(mysql_error());

$login = mysql_fetch_array($res);
$id = $login['id'];
$active = $login['active'];
if($id>=1){
if($active==1){
$_SESSION['logged'] = $login['id'];

$q = "UPDATE `accountinfo_db` SET `loggedtimes` = `loggedtimes`+'1' WHERE `id` = '$id'";
$res = mysql_query($q) or die(mysql_error());
$user = $login['username'];
header("Location: ../mainframe.php?strmsg=Welcome Back $user");
}else{
header("Location: activate.php");
}

}else{
   header("Location: ../index.php?strmsg=Login Information Incorrect!");    
}

       }else{
   header("Location: ../index.php?strmsg=You did not enter a valid password!");    
   }
   }else{
   header("Location: ../index.php?strmsg=You did not enter a valid email!");
   }
}else{
header("Location: ../index.php?strmsg=We are sorry but you are not allowed viewance of that directory!");
}
?>

any help would be great.
Brian