0) loggedin(); if (!empty($_POST["email"]) && !empty($_POST["password"])) { $db = new bdb() or fatal($db->error); $result = $db->query("SELECT id FROM users WHERE email = '".$db->escape_string($_POST["email"])."' AND password = '".bulletin_hash($_POST["password"])."' AND active = 1 LIMIT 1") or fatal($db->error); if ($result->num_rows < 1) l_redirect('login.php?err=1'); $row = $result->fetch_assoc(); $result->free(); $token = uniqid("bu".$row["id"], true); $db->query("UPDATE users SET session = '".bulletin_hash($token)."' WHERE id = ".intval($row["id"])) or fatal($db->error); if ($db->affected_rows < 1) fatal("Could not sync with database."); $db->close(); setcookie($b_config['c_name'], intval($row["id"]).';'.$token, empty($_POST['remember']) ? 0 : (time()+$b_config['c_expire']), $b_config['c_path'], $b_config['c_dom'], $b_config['c_sec'], $b_config['c_http']); loggedin(); } else { $e = $_GET['err']; $e_flag = 0; $f_uname = 1 << 0; $f_pw = 1 << 1; $e_msg = 'An unknown error has occurred.'; if ($e == 1) { $e_flag = $f_uname | $f_pw; $e_msg = 'That email address and password combination is not in our records.'; } ?> Log In / Bulletin
'; else echo '
'; ?>
>1) & 1) echo '
'; else echo '
'; ?>
0) echo '

'.htmlentities($e_msg).'

'; ?>

Forgot your password?

Don't have an account? Sign Up

Welcome back to Bulletin! :)