Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if(isset($_POST['username']) && isset($_POST['password'])) {
- $mySQLHost = "127.0.0.1";
- $mySQLUsername = "root";
- $mySQLPassword = "password";
- $mySQLDatabase = "myDatabase";
- $mySQLTable = "myTable";
- $connection = mysql_connect($mySQLHost, $mySQLUsername, $mySQLPassword);
- if(!$connection) {
- die("Can't connect! Error: ".mysql_error());
- }
- $database = mysql_select_db($mySQLDatabase, $connection);
- if(!$database) {
- die("Cannot find database! Error: ".mysql_error());
- }
- $query = "SELECT * FROM `$mySQLTable` WHERE `username` = \"".mysql_real_escape_string($_POST['username'])."\"";
- $result = mysql_query($query);
- if(!$result) {
- die("Cannot find user! Error: " + mysql_error());
- }
- $foundAccount = false;
- while($row = mysql_fetch_assoc($result)) {
- if($row['password'] == md5(mysql_real_escape_string($_POST['password']))) {
- //echo("Welcome " . $row['username'] . ", your ID number is " . $row['id']);
- $foundAccount = true;
- $cookieValue = randomString(30);
- setCookie($row['username'], $cookieValue, time()+3600);
- databaseAdd($row['username'], $cookieValue);
- echo('
- <form action="/login/mySite.php" method="POST" name="redirection">
- <input type="hidden" name="username" value="'.$row['username'].'">
- </form>
- <script language="JavaScript">
- document.redirection.submit();
- </script>');
- //header('Location: /login/mySite.php');
- }
- }
- if(!$foundAccount) {
- echo("Either you fail at typing, the account you're trying to use doesn't exist or you're not using your real account!");
- }
- } else {
- echo('
- <htm>
- <head><title>Login</title></head>
- <body>
- <form method="POST">
- Username:<br>
- <input type="text" name="username" value="Username"><br>
- Password:<br>
- <input type="password" name="password" value="Password"><br><br>
- <input type="submit">
- </form>
- </body>
- </htmL>');
- }
- function randomString($length) {
- $characters = "0123456789qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM";
- $string = "";
- for($i = 0; $i < $length; $i++) {
- $string .= $characters[mt_rand(0, strlen($characters)-1)];
- }
- return $string;
- }
- function databaseAdd($username, $value) {
- $mySQLHost = "127.0.0.1";
- $mySQLUsername = "root";
- $mySQLPassword = "password";
- $mySQLDatabase = "myDatabase";
- $mySQLTable = "cookies";
- $connection = mysql_connect($mySQLHost, $mySQLUsername, $mySQLPassword);
- if(!$connection) {
- die("Error: ".mysql_error());
- }
- $database = mysql_select_db($mySQLDatabase, $connection);
- if(!$database) {
- die("Error: ".mysql_error());
- }
- $time = time()+3600;
- $query = 'INSERT INTO '.$mySQLTable.' (username, cookie, time) VALUES ("'.mysql_real_escape_string($username).'", "'.$value.'", "'.$time.'")';
- $result = mysql_query($query);
- if(!$result) {
- die("Error: ".mysql_error());
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement