Guest User

Untitled

a guest
May 7th, 2016
37
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 1.30 KB | None | 0 0
  1. if(isset($_POST['login']))
  2. {
  3.     $salt      = '78sdjs86d2h';
  4.     $username = mysqli_real_escape_string($DB_H, addslashes($_POST['username']));
  5.     $password = mysqli_real_escape_string($DB_H, addslashes($_POST['password']));
  6.     $hash1 = hash('sha256', $password . $salt);
  7.     $hash = strtoupper($hash1);
  8.    
  9.        
  10.     $dbh = new PDO("mysql:host=localhost;dbname=qq_ss", "root", "");
  11.  
  12.     $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  13.  
  14.     $stmt = $dbh->prepare("SELECT id, Name, password FROM players
  15.                 WHERE Name = :numele AND password = :parola");
  16.  
  17.     /*** bind the parameters ***/
  18.     $stmt->bindParam(':numele', $username, PDO::PARAM_STR);
  19.     $stmt->bindParam(':parola', $hash, PDO::PARAM_STR, 40);
  20.  
  21.     /*** execute the prepared statement ***/
  22.     $stmt->execute();
  23.  
  24.     /*** check for a result ***/
  25.     $user_id = $stmt->fetchColumn();
  26.  
  27.     /*** if we have no result then fail boat ***/
  28.     if($user_id == false)
  29.     {
  30.         $msg = "Datele introduse sunt greșite!";
  31.     }
  32.     /*** if we do have a result, all is well ***/
  33.     else
  34.     {
  35.         /*** set the session user_id variable ***/
  36.         $_SESSION['username'] = $username;
  37.         $_SESSION['password'] = $hash;
  38.  
  39.         echo "
  40.         <script type='text/javascript'>
  41.         <!--
  42.         function Redirect()
  43.         {
  44.             window.location='/panel/';
  45.         }
  46.         setTimeout('Redirect()', 50);
  47.         //-->
  48.         </script>";
  49.     }  
  50. }
  51. ?>
Add Comment
Please, Sign In to add comment