Advertisement
Guest User

Untitled

a guest
Oct 14th, 2017
78
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.79 KB | None | 0 0
  1. <?php
  2. if(isset($_POST['username']) && isset($_POST['password'])) {
  3. $mySQLHost = "127.0.0.1";
  4. $mySQLUsername = "root";
  5. $mySQLPassword = "password";
  6. $mySQLDatabase = "myDatabase";
  7. $mySQLTable = "myTable";
  8. $connection = mysql_connect($mySQLHost, $mySQLUsername, $mySQLPassword);
  9. if(!$connection) {
  10. die("Can't connect! Error: ".mysql_error());
  11. }
  12. $database = mysql_select_db($mySQLDatabase, $connection);
  13. if(!$database) {
  14. die("Cannot find database! Error: ".mysql_error());
  15. }
  16. $query = "SELECT * FROM `$mySQLTable` WHERE `username` = \"".mysql_real_escape_string($_POST['username'])."\"";
  17. $result = mysql_query($query);
  18. if(!$result) {
  19. die("Cannot find user! Error: " + mysql_error());
  20. }
  21. $foundAccount = false;
  22. while($row = mysql_fetch_assoc($result)) {
  23. if($row['password'] == md5(mysql_real_escape_string($_POST['password']))) {
  24. //echo("Welcome " . $row['username'] . ", your ID number is " . $row['id']);
  25. $foundAccount = true;
  26. $cookieValue = randomString(30);
  27. setCookie($row['username'], $cookieValue, time()+3600);
  28. databaseAdd($row['username'], $cookieValue);
  29. echo('
  30. <form action="/login/mySite.php" method="POST" name="redirection">
  31. <input type="hidden" name="username" value="'.$row['username'].'">
  32. </form>
  33. <script language="JavaScript">
  34. document.redirection.submit();
  35. </script>');
  36. //header('Location: /login/mySite.php');
  37. }
  38. }
  39. if(!$foundAccount) {
  40. echo("Either you fail at typing, the account you're trying to use doesn't exist or you're not using your real account!");
  41. }
  42. } else {
  43. echo('
  44. <htm>
  45. <head><title>Login</title></head>
  46. <body>
  47. <form method="POST">
  48. Username:<br>
  49. <input type="text" name="username" value="Username"><br>
  50. Password:<br>
  51. <input type="password" name="password" value="Password"><br><br>
  52. <input type="submit">
  53. </form>
  54. </body>
  55. </htmL>');
  56. }
  57.  
  58.  
  59. function randomString($length) {
  60. $characters = "0123456789qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM";
  61. $string = "";
  62. for($i = 0; $i < $length; $i++) {
  63. $string .= $characters[mt_rand(0, strlen($characters)-1)];
  64. }
  65. return $string;
  66. }
  67. function databaseAdd($username, $value) {
  68. $mySQLHost = "127.0.0.1";
  69. $mySQLUsername = "root";
  70. $mySQLPassword = "password";
  71. $mySQLDatabase = "myDatabase";
  72. $mySQLTable = "cookies";
  73.  
  74. $connection = mysql_connect($mySQLHost, $mySQLUsername, $mySQLPassword);
  75. if(!$connection) {
  76. die("Error: ".mysql_error());
  77. }
  78. $database = mysql_select_db($mySQLDatabase, $connection);
  79. if(!$database) {
  80. die("Error: ".mysql_error());
  81. }
  82. $time = time()+3600;
  83. $query = 'INSERT INTO '.$mySQLTable.' (username, cookie, time) VALUES ("'.mysql_real_escape_string($username).'", "'.$value.'", "'.$time.'")';
  84. $result = mysql_query($query);
  85. if(!$result) {
  86. die("Error: ".mysql_error());
  87. }
  88. }
  89. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement