Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- session_register('is_logged_in');
- session_register('logged_in_as');
- $username = $_POST['username'];
- $password = $_POST['password'];
- $Salt = uniqid();
- $Algo = '6';
- $Rounds = '7500';
- $cryptSalt = '$' . $Algo . '$rounds=' . $Rounds . '$' . $Salt;
- $finalPassword = crypt($password, $cryptSalt);
- function authenticate() {
- try {
- $db = new PDO('mysql:host=localhost;dbname=db;charset=UTF-8', 'root', 'password', array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
- } catch(PDOException $ex) {
- echo "An error occured: " . $ex;
- }
- $prepquery = $db->prepare('SELECT * FROM users WHERE :password = password AND username = :username');
- $prepquery->bindParam(':username', $username);
- $prepquery->bindParam(':password', $finalPassword);
- $prepquery->execute();
- $res = $prepquery->fetch(PDO::FETCH_ASSOC);
- return !empty($res) ? true : false;
- }
- if(authenticate()) {
- echo "You are now logged in as " . $username . ".";
- $_SESSION['is_logged_in'] = 1;
- $_SESSION['logged_in_as'] = $username;
- } else if($_SESSION['is_logged_in'] === 1) {
- echo "You are already logged in!";
- } else {
- echo "The username or password was incorrect. <br /> " . $finalPassword;
- }
Add Comment
Please, Sign In to add comment