Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!DOCTYPE html>
- <html>
- <head>
- <meta charset="utf-8" />
- <title>Validating Login...</title>
- </head>
- <body>
- <?php
- session_start();
- // Connecting to the database
- include 'mysql.php';
- mysql_connect("$host", "$username", "$password")or die("There was an error when attempting to establish a connection with the database.");
- mysql_select_db("$database")or die("There was an error selecting the news system database.");
- // Sanitize input to prevent injections
- $username = mysql_real_escape_string($username);
- // Encrypt the password so real input isn't stored in the cookie
- $password = sha1($_POST['password']);
- // Perform the SQL queries
- $db = new mysqli($host, $username, $password, $database);
- $login = $db -> stmt_init();
- $login->bind_param('ss', $username, $password);
- if($login->prepare("SELECT * FROM $login_table WHERE `username` = ?, `password` = ?")) {
- $_SESSION["valid_user"] = $_POST["username"];
- $_SESSION["vzalid_time"] = time();
- $_SESSION["valid_pw"] = $password;
- Header("Location: admin.php");
- } else {
- die("Invalid login.");
- }
- ?>
- </body>
- </html>
Add Comment
Please, Sign In to add comment