- $username = mysql_real_escape_string($_POST['username']);
- $unhashedpassword = mysql_real_escape_string($_POST['password']);
- $hashedpassword = sha1($unhashedpassword);
- $query = "SELECT * FROM staff
- WHERE liUsername = '" . $username . "' AND
- ((liPassword = '" . $hashedpassword . "' AND UsedNewPassword = '1') ||
- (liPassword = '" . $unhashedpassword ."' AND UsedNewPassword = '0')) LIMIT 1
create new paste | create new version of this paste
RAW Paste Data
Our Sites: