Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- //We connect to the database
- $host="localhost"; // Host name
- $username="root"; // Mysql username
- $password="testdbpass"; // Mysql password
- $db_name="test"; // Database name
- // Connect to server via PHP Data Object
- $dbh = new PDO("mysql:host=localhost;dbname=test", $username, $password);
- $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
- //How we creat our bcrypt
- $Blowfish_Pre = '$2y$17$';
- $Allowed_Chars =
- 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./';
- $Chars_Len = 63;
- $salt = "";
- for($x=0;$x<10000;$x++)
- {
- $salt .= $Allowed_Chars[mt_rand(0,$Chars_Len)];
- }
- $bcrypt = $Blowfish_Pre . $salt;
- //The actual form data being combined with the database data
- $form_username = $_POST['username'];
- $form_password = $_POST['password'];
- $crypt_pass = crypt($form_password, $bcrypt);
- $sth = $dbh->prepare("SELECT * FROM users WHERE username = :user AND password = :pass");
- $sth->bindParam(':user', $form_username);
- $sth->bindParam(':pass', $crypt_pass);
- $sth->execute();
- $total = $sth->rowCount();
- $row = $sth->fetch();
- if($total > 0){
- if($row['activated']){
- $_SESSION["user_username"] = $form_username;
- $_SESSION["user_logedIn"] = true;
- $_SESSION["user_id"] = $row['user_id'];
- header("location: login_success.php");
- }
- else{
- echo "ACCOUNT NOT ACTIVE";
- }
- }
- else{
- echo "WRONG PASSWORD OR USERNAME";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
