Data hosted with ♥ by Pastebin.com - Download Raw - See Original
  1. <?php
  2.  
  3. include 'mysqlHandler.php';
  4.  
  5. $logged_in = false;
  6.  
  7. openConnection();
  8.  
  9. $u = mysql_real_escape_string($_POST['username']);
  10. $p = hashPassword($_POST['password']);
  11. $_POST['password'] = "";
  12.  
  13. $sql = "select username from user where username = '" . $u . "' and password = '" . $p . "'";
  14. $result = executeQuery($sql);
  15.  
  16. if ($result) {
  17.     while ($row = mysql_fetch_array($result)) {
  18.         if ($row['username'] == $u) {
  19.             $logged_in = true;
  20.         }
  21.     }
  22. }
  23.  
  24. if ($logged_in) {
  25.     setcookie("user", $_POST['username'], time() + (604800));
  26.     header("Location:index.php");
  27. } else {
  28.     header('Location:login.php?bad_login=1&username=' . $_POST["username"]);
  29. }
  30.  
  31. closeConnection();
  32. ?>