Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?
- include_once("header.php");
- include_once("../db_connect.php");
- include_once("nav.php");
- if($_POST['post_pass']){
- $post_user = mysql_real_escape_string($_POST['post_user']);
- $post_pass = mysql_real_escape_string($_POST['post_pass']);
- $e_pass = md5(sha1($salty . $post_pass . $salty));
- $server = mysql_connect($dbhost, $dbuser, $dbpass) or die("Connection Failure to Database");
- $conn = mysql_select_db($dbname, $server) or die($dbname . " Database not found . " . $dbuser);
- $login_query = "SELECT * FROM users WHERE user = '$post_user' AND pass = '$e_pass' AND allow = true";
- $login_result = mysql_query($login_query) or die('Invalid Query: ' . $login_query);
- $login_num_rows = mysql_num_rows($login_result);
- if($login_num_rows == 1){
- while($login_row = mysql_fetch_array($login_result)){
- $login_name = $login_row['name'];
- $login_user = $login_row['user'];
- $login_pass = $login_row['pass'];
- $login_email = $login_row['email'];
- $login_access = $login_row['access'];
- $login_allow = $login_row['allow'];
- echo $login_access . "<br>";
- $_SESSION['access'] = $login_access;
- $_SESSION['user'] = $login_user;
- $_SESSION['pass'] = $login_pass;
- }
- echo "<center>Successfully Logged In<br>";
- echo "<a href='index.php'>Continue</a></center>";
- }else{
- echo "Login failed";
- }
- }
- include_once('footer.php');
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement