= 3){
$randomPass = createRandomPassword();
$SelectStr = "UPDATE users SET Password = '$randomPass' where Email = '" . $_REQUEST["email"] . "' ";
$result = mysql_query($SelectStr) or die(mysql_error());
header("Location: mobileChatPasswordReset.php");
exit() ;
}
//******
//if user is not logged in
if( ( !$_SESSION['loggedIn'] ) or ( ($_REQUEST['email'] > " ") and ($_REQUEST['password'] > " ") ) ){
//see if a login attempt
if( ($_REQUEST['email'] > " ") and ($_REQUEST['password'] > " ") ){
//lookup user
$SelectStr = "SELECT * from users where Email = '" . $_REQUEST["email"] . "' and Password = '" . $_REQUEST["password"] . "' ";
$result = mysql_query($SelectStr) or die(mysql_error());
if($myrow=mysql_fetch_array($result)){
$_SESSION["loggedIn"] = "Y";
$_SESSION["sessionUserID"] = $myrow["ID"];
}else{
//update failed count
$_SESSION["failedLogin"] = $_SESSION["failedLogin"] + 1;
if($_SESSION["failedLogin"] == 3){
$randomPass = createRandomPassword();
$SelectStr = "UPDATE users SET Password = '$randomPass' where Email = '" . $_REQUEST["email"] . "' ";
$result = mysql_query($SelectStr) or die(mysql_error());
header("Location: mobileChatPasswordReset.php");
exit() ;
}else{
header("Location: mobileChatLoggedOff.php");
exit() ;
}
}
}else{
header("Location: mobileChatLoggedOff.php");
exit() ;
}
} // end of if not logged in
?>
yadahome