Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # remove this line; added to prevent possible RFI <?php exit(254); ?>
- <?php
- if(!isset($_GET['u']) || !isset($_GET['p'])) {
- echo "false line 2";
- exit.'INVALID';
- }
- mysql_connect('localhost', 'scapemar_script', 'lolcakes'); // connect
- mysql_select_db('scapemar_keys'); // choose the database
- $clean = array_map('mysql_real_escape_string', $_GET); // clean the array
- $query = mysql_query('SELECT * FROM `auths` WHERE `user`=\'".$clean['user']."\';');
- $row = mysql_fetch_assoc($query); // get the row from the database
- if(!$query){
- echo "invalid";
- exit.'INVALID';
- }
- if(mysql_num_rows($query) != 1) { // if it isn't 1 row, say invalid
- echo "false not one row ";
- echo mysql_num_rows($query);
- exit.'INVALID';
- }
- if($row['pass'] != $clean['p']) {
- echo "false";
- exit.'INVALID';
- } else {
- echo "true";
- exit.'VALID';
- }
- ?>
Add Comment
Please, Sign In to add comment