$ohno=""; if (isset($_GET['SUB'])) {$SUBF = TRUE;} else {$SUBF = FALSE;} if (isset($_GET['ID'])) {$ID = check_input($_GET['ID']);} else {$ID = '';} if (isset($_GET['PW'])) {$PW = check_input($_GET['PW']);} else {$PW = '';} if ($SUBF == TRUE) { if ($ID != '') { $SQLPW=""; $nextWeek = time() + (7 * 24 * 60 * 60); $dbhost = 'ldb1022-vip.lsh.chicago.hostway'; $dbuser = 'u1064514_miegs'; $dbpass = 'NR)Yt3j/F3'; $database = 'db1064514_mieg'; $conn = mysql_connect($dbhost, $dbuser, $dbpass); @mysql_select_db($database) or die("Unable to select database");$conn = mysql_connect($dbhost, $dbuser, $dbpass); $sql=""; $sql = "select * from USERS where USER_ID = '".$ID."';"; mysql_select_db($database); $result=mysql_query($sql) or die("Can not run SQL statement.".$sql); $totalcount = mysql_numrows($result); if ($totalcount == 1) {$SQLPW = mysql_result($result,0,"PASSWORD");} else {$ohno = "User ID not found";} mysql_close(); if ($SQLPW != '') { if ($SQLPW == $PW) { $ohno = "User is logged in"; setcookie("MIEGCS", $ID, time()+3600); header('Location: http://www.miegs.org/Amember/Changepw.php'); exit(); } else { $ohno = "Wrong Password"; } } } } ?>