Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- ini_set('display_errors',1);
- include_once 'config.php';
- $message = null;
- $password_passed = 0;
- if ($_POST['user'] && $_POST['password']) {
- $username = $_POST['user'];
- $userpassword = $_POST['password'];
- $sql = "SELECT * FROM users WHERE user = '" . $username . "' AND pass = '" . sha1($userpassword) . "'";
- $user = mysqli_query($_SESSION['dbconn'],$sql);
- if ($user) {
- $password_passed = 1;
- $record = mysqli_fetch_array($user);
- }
- if (!$password_passed) {
- $message = 'Wrong username and/or password.';
- } else {
- $_SESSION['user']['userid'] = $record['user'];
- $_SESSION['user']['admin'] = $record['admin'];
- }
- if ($password_passed) {
- $sql2 = "UPDATE users SET last_login = '" . date('Y-m-d H:i') . "' WHERE user = '" . $username . "'";
- mysqli_query($_SESSION['dbconn'],$sql2);
- $_SESSION['message'] = array('info',"Welcome, " . $_SESSION['user']['userid']);
- $_SESSION['loggedin'] = 1;
- header("Location: " . SITEHOME);
- } else {
- $_SESSION['message'] = array('warning',$message);
- header("Location: " . SITEHOME);
- }
- } else {
- $_SESSION['message'] = array('warning',"Login failed. Please check your login data.");
- header("Location: " . SITEHOME);
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement