API tools faq
paste
Guest User

Untitled

a guest
Jan 15th, 2018
97
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.21 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3.  
  4.  
  5. ini_set('display_errors',1);
  6.  
  7.  
  8.  
  9. error_reporting(E_ALL);
  10.  
  11.  
  12.  
  13.  
  14.  
  15. session_start();
  16.  
  17.  
  18.  
  19. require("index.php");
  20.  
  21.  
  22.  
  23. if(isset($_SESSION["user"])) {
  24.  
  25.  
  26.  
  27. header("location: members.php");
  28.  
  29.  
  30.  
  31. }
  32.  
  33.  
  34.  
  35. else {
  36.  
  37.  
  38.  
  39. if(isset($_COOKIE["save_user"]) && isset($_COOKIE["save_pass"])) {
  40.  
  41.  
  42.  
  43. $query = mysql_query("SELECT username FROM users WHERE username = '".mysql_real_escape_string($_COOKIE["save_user"])."' AND password = '".mysql_real_escape_string($_COOKIE["save_pass"]));
  44.  
  45.  
  46.  
  47. if($query != False) {
  48.  
  49.  
  50.  
  51. $_SESSION["user"] = $_COOKIE["save_user"];
  52.  
  53.  
  54.  
  55. header("location: members.php");
  56.  
  57.  
  58.  
  59. }
  60.  
  61.  
  62.  
  63. }
  64.  
  65.  
  66.  
  67. }
  68.  
  69.  
  70.  
  71. if (isset($_POST['submit'])) {
  72.  
  73.  
  74.  
  75.  
  76.  
  77.  
  78.  
  79. if(!$_POST['username'] | !$_POST['pass']) {
  80.  
  81.  
  82.  
  83. $error= 'You did not fill in a required field.';
  84.  
  85.  
  86.  
  87. }
  88.  
  89.  
  90.  
  91. else {
  92.  
  93.  
  94.  
  95. $check = mysql_query("SELECT * FROM users WHERE username = '".mysql_real_escape_string($_POST['username'])."'")or die(mysql_error());
  96.  
  97.  
  98.  
  99. $check2 = mysql_num_rows($check);
  100.  
  101.  
  102.  
  103. if ($check2 == 0) {
  104.  
  105.  
  106.  
  107. $error = 'That user does not exist in our database. <a href=register.php>Click Here to Register</a>';
  108.  
  109.  
  110.  
  111. }
  112.  
  113.  
  114.  
  115. else {
  116.  
  117.  
  118.  
  119. $info = mysql_fetch_array( $check );
  120.  
  121.  
  122.  
  123. $_POST['pass'] = stripslashes($_POST['pass']);
  124.  
  125.  
  126.  
  127. $info['password'] = stripslashes($info['password']);
  128.  
  129.  
  130.  
  131. $_POST['pass'] = sha1(md5($_POST['pass']));
  132.  
  133.  
  134.  
  135.  
  136.  
  137.  
  138.  
  139. if ($_POST['pass'] != $info['password']) {
  140.  
  141.  
  142.  
  143. $error = 'Incorrect password, please try again.';
  144.  
  145.  
  146.  
  147. }
  148.  
  149.  
  150.  
  151. else
  152.  
  153.  
  154.  
  155. {
  156.  
  157.  
  158.  
  159. $_POST['username'] = stripslashes($_POST['username']);
  160.  
  161.  
  162.  
  163. $month = time() + 3600*24*30;
  164.  
  165.  
  166.  
  167. $_SESSION['user'] = $_POST['username'];
  168.  
  169.  
  170.  
  171. setcookie("save_user", stripslashes(htmlentities($_POST['username'])), $hour);
  172.  
  173.  
  174.  
  175. setcookie("save_pass", stripslashes(htmlentities($_POST['pass'])), $month);
  176.  
  177.  
  178.  
  179. header("location: members.php");
  180.  
  181.  
  182.  
  183. }
  184.  
  185.  
  186.  
  187. }
  188.  
  189.  
  190.  
  191. }
  192.  
  193.  
  194.  
  195. }
  196.  
  197.  
  198.  
  199. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!