Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $database['host'] = '127.0.0.1';
- $database['user'] = 'user';
- $database['pass'] = 'database';
- $database['db'] = 'password';
- try {
- $DBH = new PDO("mysql:host=$database[host];dbname=$database[db]", $database['user'], $database['pass']);
- } catch(PDOException $e) {
- $error['db-link'] = $e->getMessage();
- }
- session_start();
- function login()
- {
- if (isSet($_SESSION['username']) && isSet($_SESSION['password'])) {
- $STH = $DBH->prepare('SELECT username, password FROM accounts WHERE username = ? AND password = ?');
- $STH->execute(Array($_SESSION['username'], $_SESSION['password']));
- $STH->setFetchMode(PDO::FETCH_ASSOC);
- if ($TH->fetchColumn() == 0) {
- return 'attack'; /* wtf are you doin? */
- } else {
- return 'logged'; /* user and pass ok */
- }
- }
- if (isSet($_POST['username']) && isSet($_POST['password'])) {
- $password = md5($_POST['password']);
- $STH = $DBH->prepare('SELECT username, password FROM accounts WHERE username = ? AND password = ?');
- $STH->execute(Array($_POST['username'], $password));
- $STH->setFetchMode(PDO::FETCH_ASSOC);
- if ($STH->fectchColumn() > 0) {
- $_SESSION['username'] = $_POST['username'];
- $_SESSION['password'] = $password;
- return 'logged'; /* user and pass ok */
- } else {
- return 'notcorrect'; /* user and pass not ok */
- }
- }
- if (empty($_POST['username']) && empty($_POST['password']) && empty($_SESSION['username']) && empty($_SESSION['password'])) {
- return 'nologin'; /* have to do the login */
- }
- }
- function login_form()
- {
- ?>
- <form method="post" action="<?php echo $config['url']; ?>/login" id="login">
- <fieldset>
- <legend>Login</legend>
- <label>Username: <input type="text" name="username" required /></label>
- <label>Password: <input type="password" name="password" required /></label>
- <input type="submit" />
- </fieldset>
- </form>
- <?php
- }
- function module_content()
- {
- if (login() == 'login') {
- header('Location: '.$config['url'].'/dashboard');
- } else if (login() == 'notcorrect') {
- ?>
- <p>Sorry, login not correct. Please, try again.</p>
- <?php
- login_form();
- } else if (login() == 'attack') {
- login_form();
- } else if (login() == 'nologin') {
- login_form();
- }
- }
- module_content();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement