Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require("connect.php");
- $username = mysql_real_escape_string($_POST['username']);
- $password = mysql_real_escape_string($_POST['password']);
- $submit = $_POST['submit'];
- if($submit){
- if($username && $password){
- $auth_sql = mysql_query("SELECT salt, password, username FROM users") or die("Error, checking salt");
- if (mysql_num_rows($auth_sql) === 0) {
- die('Username and password don\'t match');
- }
- if (mysql_num_rows($auth_sql) !== 1) {
- die('Internal server error');
- }
- $auth_row = mysql_fetch_array($auth_sql);
- $db_salt = $auth_row['salt'];
- $db_username = $auth_row['username'];
- $db_password = $auth_row['password'];
- if($db_username === $username){
- $password = sha1($password.$db_salt);
- }
- if($password == $db_password){
- echo "Yey you are logged in.";
- }else{
- die("Incorrect password or username.");
- }
- }else{
- die ("Please fill in <b>All</b> fields");
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
