Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- ini_set('display_errors',1);
- error_reporting(E_ALL);
- session_start();
- require("index.php");
- if(isset($_SESSION["user"])) {
- header("location: members.php");
- }
- else {
- if(isset($_COOKIE["save_user"]) && isset($_COOKIE["save_pass"])) {
- $query = mysql_query("SELECT username FROM users WHERE username = '".mysql_real_escape_string($_COOKIE["save_user"])."' AND password = '".mysql_real_escape_string($_COOKIE["save_pass"]));
- if($query != False) {
- $_SESSION["user"] = $_COOKIE["save_user"];
- header("location: members.php");
- }
- }
- }
- if (isset($_POST['submit'])) {
- if(!$_POST['username'] | !$_POST['pass']) {
- $error= 'You did not fill in a required field.';
- }
- else {
- $check = mysql_query("SELECT * FROM users WHERE username = '".mysql_real_escape_string($_POST['username'])."'")or die(mysql_error());
- $check2 = mysql_num_rows($check);
- if ($check2 == 0) {
- $error = 'That user does not exist in our database. <a href=register.php>Click Here to Register</a>';
- }
- else {
- $info = mysql_fetch_array( $check );
- $_POST['pass'] = stripslashes($_POST['pass']);
- $info['password'] = stripslashes($info['password']);
- $_POST['pass'] = sha1(md5($_POST['pass']));
- if ($_POST['pass'] != $info['password']) {
- $error = 'Incorrect password, please try again.';
- }
- else
- {
- $_POST['username'] = stripslashes($_POST['username']);
- $month = time() + 3600*24*30;
- $_SESSION['user'] = $_POST['username'];
- setcookie("save_user", stripslashes(htmlentities($_POST['username'])), $hour);
- setcookie("save_pass", stripslashes(htmlentities($_POST['pass'])), $month);
- header("location: members.php");
- }
- }
- }
- }
- ?>
Add Comment
Please, Sign In to add comment