$LoginRS__query=sprintf("SELECT @@fldUsername@@, @@fldPassword@@ FROM @@table@@ WHERE @@fldUsername@@='%s' AND @@fldPassword@@='%s'", get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); <@ else @> $LoginRS__query=sprintf("SELECT @@fldUsername@@, @@fldPassword@@, @@fldAuthorization@@ FROM @@table@@ WHERE @@fldUsername@@='%s' AND @@fldPassword@@='%s'", get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); <@endif@> $LoginRS = mysql_query($LoginRS__query, $@@connection@@) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { <@ if (@@fldAuthorization@@ == "") @> $loginStrGroup = ""; <@ else @> $loginStrGroup = mysql_result($LoginRS,0,'@@fldAuthorization@@'); <@endif@> //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; if (isset($_SESSION['PrevUrl']) && @@redirectToReferrer@@) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?> ]]> session_start("