no no no. thats looking for a file which is blank. you havnt set $Uname yet. as you can see in your code.
try this:
<?PHP
$Uname='';
$Pass='';
$contents='';
if ($_REQUEST['Uname'] != "") {
$Uname = $_REQUEST['Uname'];
} else {
die('You need both a Username and password to login');
}
if ($_REQUEST['Pass'] != "") {
$Pass = $_REQUEST['Pass'];
} else {
die('You need both a Username and password to login');
}
if(!file_exists("imgs/".$Uname.".nam")){
echo "Username does not exist, please check that capslock is not on and that your entry was spelled correctly.";
}else{
$fp = fopen("imgs/".$Uname.".nam","rb");
$contents = fread($fp, filesize("imgs/".$Uname.".nam"));
fclose($fp);
$pieces = explode(" ", $contents);
if ($pieces[2] == md5($Pass)) {
setcookie('User',$Uname,time()+(60*60));
} else {
die ('Sorry the password username combanation does not exist');
}
header("Location: http://" . $_SERVER['HTTP_HOST'] . rtrim(dirname($_SERVER['PHP_SELF']), '/\\') . "/index.php");
}
?>
because now $Uname is set, and we can check if the file exists.
