$ohno=""; if (isset($_GET['SUB'])) {$SUBF = TRUE;} else {$SUBF = FALSE;} if (isset($_GET['ID'])) {$ID = check_input($_GET['ID']);} else {$ID = '';} if (isset($_GET['PW'])) {$PW = check_input($_GET['PW']);} else {$PW = '';} if ($SUBF == TRUE) { if ($ID != '') { $SQLPW=""; include("OpenDataBase.php"); $sql=""; $sql = "select * from USERS where USER_ID = '".$ID."';"; mysql_select_db($database); $result=mysql_query($sql) or die("Can not run SQL statement.".$sql); $totalcount = mysql_numrows($result); if ($totalcount == 1) {$SQLPW = mysql_result($result,0,"PASSWORD");} else {$ohno = "User ID not found";} mysql_close(); if ($SQLPW != '') { if ($SQLPW == $PW) { $ohno = "User is logged in"; setcookie("MIEGCS", $ID, time()+3600); header('Location: http://www.miegs.org/Amember/MemberDelete.php'); exit(); } else { $ohno = "Wrong Password"; } } } } ?>