Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require_once('includes/config.inc.php');
- require_once('includes/footer.inc.php');
- if(isset($_POST['submit'])) {
- $username = mysql_real_escape_string($_POST['username']);
- $password = mysql_real_escape_string($_POST['password']);
- $query = "SELECT * FROM `users` WHERE `password` = 'md5($password)' AND `username` = '$username'";
- $result = mysql_query($query) or die(mysql_error());
- while($row = mysql_fetch_array($result)){
- $resusername = $row['username']; // username from DB
- $respassword = $row['password']; // password from DB
- $resemail = $row['email']; // email from db
- }
- // Are they a valid user?
- if ($respassword == $password) {
- $_SESSION['loggedin'] = "1";
- $_SESSION['email'] = $resemail;
- $_SESSION['username'] = $resusername;
- echo "Congrats, Your logged in"; // YAY
- }else{
- // No, Lets mark them as invalid.
- $_SESSION['loggedin'] = "0";
- echo "Sorry, Invalid details"; // Nay
- }
- }
- ?>
Add Comment
Please, Sign In to add comment