/gist:8ecc436795dbb0906f36 Secret

## gistfile1.php
<?php require_once('Connections/test_conn.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['account_Enter'])) {
  $loginUsername=$_POST['account_Enter'];
  $password=$_POST['password_Enter'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "index.php";
  $MM_redirectLoginFailed = "memberError.php";
  $MM_redirecttoReferrer = true;
  mysql_select_db($database_test_conn, $test_conn);

  $LoginRS__query=sprintf("SELECT username, password FROM member WHERE username=%s AND password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));

  $LoginRS = mysql_query($LoginRS__query, $test_conn) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";

	if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;

    if (isset($_SESSION['PrevUrl']) && true) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>

<link href="style.css" rel="stylesheet" type="text/css" />
<table width="180" border="0">
  <tr>
    <td colspan="2">【會員專區】</td>
  </tr>
  <tr>
    <td colspan="2"><form ACTION="<?php echo $loginFormAction; ?>" method="POST" name="memberLogin" id="memberLogin">
      <table width="180" border="1">
        <tr>
          <td width="36%">帳號：</td>
          <td width="64%"><label for="account_Enter"></label>
            <input name="account_Enter" type="text" class="inputstyle1" id="account_Enter"  ></td>
          <td width="64%" rowspan="2"><input type="submit" name="account_Enter" id="account_Enter" value="登入" /></td>
          </tr>
        <tr>
          <td>密碼：</td>
          <td><label for="account_Enter"></label>
            <input name="password_Enter            " type="password" class="inputstyle1" id="account_Enter" width = "30"></td>
          </tr>
        <tr>
          <td colspan="3"><input type="checkbox" name="rememberMe" id="rememberMe">
            <label for="rememberMe">記住我的帳號密碼</label></td>
        </tr>
        </table>
    </form></td>
  </tr>
  <tr>
    <td width="86">加入會員</td>
    <td width="84">忘記密碼</td>
  </tr>
</table>
	<?php require_once('Connections/test_conn.php'); ?>
	<?php
	if (!function_exists("GetSQLValueString")) {
	function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
	{
	if (PHP_VERSION < 6) {
	$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
	}

	$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

	switch ($theType) {
	case "text":
	$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
	break;
	case "long":
	case "int":
	$theValue = ($theValue != "") ? intval($theValue) : "NULL";
	break;
	case "double":
	$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
	break;
	case "date":
	$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
	break;
	case "defined":
	$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
	break;
	}
	return $theValue;
	}
	}
	?>
	<?php
	// *** Validate request to login to this site.
	if (!isset($_SESSION)) {
	session_start();
	}

	$loginFormAction = $_SERVER['PHP_SELF'];
	if (isset($_GET['accesscheck'])) {
	$_SESSION['PrevUrl'] = $_GET['accesscheck'];
	}

	if (isset($_POST['account_Enter'])) {
	$loginUsername=$_POST['account_Enter'];
	$password=$_POST['password_Enter'];
	$MM_fldUserAuthorization = "";
	$MM_redirectLoginSuccess = "index.php";
	$MM_redirectLoginFailed = "memberError.php";
	$MM_redirecttoReferrer = true;
	mysql_select_db($database_test_conn, $test_conn);

	$LoginRS__query=sprintf("SELECT username, password FROM member WHERE username=%s AND password=%s",
	GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));

	$LoginRS = mysql_query($LoginRS__query, $test_conn) or die(mysql_error());
	$loginFoundUser = mysql_num_rows($LoginRS);
	if ($loginFoundUser) {
	$loginStrGroup = "";

	if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
	//declare two session variables and assign them
	$_SESSION['MM_Username'] = $loginUsername;
	$_SESSION['MM_UserGroup'] = $loginStrGroup;

	if (isset($_SESSION['PrevUrl']) && true) {
	$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
	}
	header("Location: " . $MM_redirectLoginSuccess );
	}
	else {
	header("Location: ". $MM_redirectLoginFailed );
	}
	}
	?>

	<link href="style.css" rel="stylesheet" type="text/css" />
	<table width="180" border="0">
	<tr>
	<td colspan="2">【會員專區】</td>
	</tr>
	<tr>
	<td colspan="2"><form ACTION="<?php echo $loginFormAction; ?>" method="POST" name="memberLogin" id="memberLogin">
	<table width="180" border="1">
	<tr>
	<td width="36%">帳號：</td>
	<td width="64%"><label for="account_Enter"></label>
	<input name="account_Enter" type="text" class="inputstyle1" id="account_Enter" ></td>
	<td width="64%" rowspan="2"><input type="submit" name="account_Enter" id="account_Enter" value="登入" /></td>
	</tr>
	<tr>
	<td>密碼：</td>
	<td><label for="account_Enter"></label>
	<input name="password_Enter " type="password" class="inputstyle1" id="account_Enter" width = "30"></td>
	</tr>
	<tr>
	<td colspan="3"><input type="checkbox" name="rememberMe" id="rememberMe">
	<label for="rememberMe">記住我的帳號密碼</label></td>
	</tr>
	</table>
	</form></td>
	</tr>
	<tr>
	<td width="86">加入會員</td>
	<td width="84">忘記密碼</td>
	</tr>
	</table>