The code below breaks my page... no wallpaper or tables are shown. The only thing shows is the logo and the login form. The form suppose to log me in then show my account name and some numbers.How to fix the below code?
<?php
include 'wasudf.php';
//
// get session id
//
$SessionID = $_GET['SessionID'];
if (!$SessionID)
$SessionID = $_POST['SessionID'];
if (!$SessionID)
$SessionID = $_COOKIE['SessionID'];
if (!$Function)
$Function = $_GET['FunkShun'];
if (!$Function)
$Function = $_POST['FunkShun'];
if (!$Function)
$Function="Home";
if (!$SessionID)
{
echo' <form action="index.php" method="post" id="LoginForm" style="color:#FFF">';
echo' <input type="hidden" name="SessionID" value="new"></input>';
echo' Username:';
echo' <label>';
echo' <input type="text" name="AccountNo" value="" class="input" size="28"></input>';
echo' </label>';
echo' <BR /><BR />';
echo' Password:';
echo' <label>';
echo' <input type="password" name="Password" value="" class="input" size="30"></input>';
echo' </label>';
echo' <BR /><BR />';
echo' <input type="image" src="images/input-img.gif" value="Log On" class="input-img"></input>';
echo' <BR /><br />';
echo' <a href="#" class="link" style="font-size:12px;">Register now!</a> <a href="#" style="font-size:12px;">Forgotten your password?</a> ';
echo' </form>';
return;
}
//
// this is a new session - add to web session table
//
if ($SessionID == "new")
{
$AccountNo = check_input(strtoupper(trim($_POST['AccountNo'])));
$Password = check_input(strtoupper(trim($_POST['Password'])));
if (!$AccountNo)
ExitLogOn("Invalid Account/Password");
$rs=mysql_query("select * from accounts where code='$AccountNo' and password='$Password'",$db);
$row=mysql_fetch_array($rs);
if (!$row)
ExitLogOn("Invalid Account/Password!");
mysql_query("update system set nextsession = nextsession + 1",$db);
$rs=mysql_query("select * from system",$db);
$row=mysql_fetch_array($rs);
$SessionID = $row['nextsession'];
//
// ensure this session does not exist already
// also remove any sessions belonging to this account
// - ie account can only be logged on one workstation at any time
//
mysql_query("delete from websession where sessionid='$SessionID' or account='$AccountNo'",$db);
$Expiry=strtotime("+1 hour");
$xCommand = "insert into websession set ";
$xCommand = $xCommand . "sessionid='$SessionID',";
$xCommand = $xCommand . "ipaddress='" . $_SERVER['REMOTE_ADDR'] . "',";
$xCommand = $xCommand . "account='$AccountNo',";
$xCommand = $xCommand . "password='$Password',";
$xCommand = $xCommand . "date='" . date('YmdHis',$Expiry) . "'";
mysql_query($xCommand,$db);
}
$rs=mysql_query("select * from websession where sessionid='$SessionID'",$db);
$row=mysql_fetch_array($rs);
if (!$row)
{
mysql_query("delete from websession where sessionid='$SessionID'",$db);
mysql_query("delete from elist where code='$SessionID'",$db);
ExitLogOn("Session Expired");
}
if ($row['date'] < date('YmdHis'))
{
mysql_query("delete from websession where sessionid='$SessionID'",$db);
mysql_query("delete from elist where code='$SessionID'",$db);
ExitLogOn("Session Expired!!");
}
$Expiry=strtotime("+1 hour");
$xCommand = "update websession set ";
$xCommand = $xCommand . "date='" . date('YmdHis',$Expiry) . "'";
$xCommand = $xCommand . "where sessionid='$SessionID'";
mysql_query($xCommand,$db);
$AccountNo = $row['account'];
$Password = $row['password'];
$MiscData = $row['data'];
$rs=mysql_query("select * from accounts where code='$AccountNo' and password='$Password'",$db);
$row=mysql_fetch_array($rs);
if (!$row)
ExitLogOn("Invalid Account/Password!!");
$Name = trim($row['name']);
$Balance = $row['balance'];
if ($Function == "Home")
{
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="post">';
echo '<input type="hidden" name="SessionID" value="' . $SessionID . '"></input>';
echo '<table width=800 align=center>';
echo ' <tr>';
echo ' <td align=center colspan="4" style="color:#F93;">';
echo $Name;
echo ' </td>';
echo ' </tr>';
echo ' <tr>';
echo ' <td align=center colspan="4" style="color:#F93;">';
echo ' Current Balance $ ' . snumber($Balance,10);
echo ' </td>';
echo ' </tr>';
echo ' <tr>';
echo ' <td align=center colspan="4">';
echo '  ';
echo ' </td>';
echo ' </tr>';
echo '</table>';
echo '</form>';
}
?>