Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- can I improve my PHP log-in system with cookies?
- <?
- session_start();
- $username = $_POST['username'];
- $password = $_POST['password'];
- if ($username && $password){
- $query = mysql_query("SELECT * FROM user WHERE username='$username' ");
- $numrows = mysql_num_rows($query);
- //if user exists
- if ($numrows !=0){
- while ($row = mysql_fetch_array($query)){
- $dbusername = $row['username'];
- $dbpassword = $row['password'];
- }
- if ($username == $dbusername && md5($password) == $dbpassword){
- echo 'You're in! <a href="member.php">Click</a> here to enter the member page.';
- $_SESSION['username'] = $dbusername;
- }
- else
- echo "incorrect password!";
- }
- else
- die("sorry, that user doesn't exist!");
- }
- ?>
- <?
- session_start();
- if ($_SESSION['username']){
- echo "Welcome, ".$_SESSION['username']."!<br>
- <a href='changepassword.php'>Change password</a>
- ";
- }
- else{
- echo "please log in";
- }
- ?>
- $username = $_POST['username'];
- $username = mysql_real_escape_string($_POST['username']);
- <?php
- session_start();
- $db = new PDO('mysql:host='.DB_HOST.';dbname='.DB_NAME, DB_USER, DB_PASS);
- $username = $_POST['username'];
- $password = $_POST['password'];
- if ($username && $password){
- $query = $db->prepare("SELECT * FROM user WHERE username = :usr");
- $query->execute(array('usr' => $username));
- $numrows = $query->rowCount();
- //if user exists
- if ($numrows !=0){
- while ($row = $query->fetch()){
- $dbusername = $row['username'];
- $dbpassword = $row['password'];
- }
- if ($username == $dbusername && md5($password) == $dbpassword){
- echo 'You're in! <a href="member.php">Click</a> here to enter the member page.';
- $_SESSION['username'] = $dbusername;
- }
- else
- echo "incorrect password!";
- }
- else
- die("sorry, that user doesn't exist!");
- }
- ?>
Add Comment
Please, Sign In to add comment