Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- function user_login($username, $password)
- {
- // Try and get the salt from the database using the username
- $query = "SELECT `salt` FROM `bombay_customers` WHERE `user-name`='$username' LIMIT 1";
- $result = mysql_query($query);
- if (mysql_num_rows($result) > 0)
- {
- // Get the user
- $user = mysql_fetch_array($result);
- // Using the salt, encrypt the given password to see if it
- // matches the one in the database
- $encrypted_pass = md5(md5($password).$user['salt']);
- // Try and get the user using the username & encrypted pass
- $query = "SELECT `id`, `user-name` FROM `bombay_customers` WHERE `user-name`='$username' AND `password`='$encrypted_pass'";
- $result = mysql_query($query);
- if (mysql_num_rows($result) > 0)
- {
- $user = mysql_fetch_array($result);
- // Now encrypt the data to be stored in the session
- $encrypted_id = md5($user['id']);
- $encrypted_name = md5($user['user-name']);
- // Store the data in the session
- $_SESSION['userid'] = $user['id'];
- $_SESSION['username'] = $user['user-name'];
- $_SESSION['encrypted_id'] = $encrypted_id;
- $_SESSION['encrypted_name'] = $encrypted_name;
- // Return ok code
- return true;
- }
- else
- {
- return false;
- }
- }
- else
- {
- return false;
- }
- }
Add Comment
Please, Sign In to add comment