Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include("inc/config.php");
- if(isset($_GET['do'])) {
- $username = mysql_real_escape_string($_POST['username']);
- $password = mysql_real_escape_string(encrypt($_POST['password']));
- if($username && $password) {
- $query = mysql_query("SELECT `username` FROM `users` WHERE `username` = '{$username}'") or die(mysql_error());
- $count = mysql_num_rows($query);
- if($count > 0) {
- $query2 = mysql_query("SELECT `username` FROM `users` WHERE `username`='{$username}' AND `password`='{$password}'");
- $count2 = mysql_num_rows($query2);
- if($count2 > 0) {
- $row = mysql_fetch_assoc($query2);
- $_SESSION['username'] = $row['username'];
- echo("You have successfully logged in as {$username}, redirecting you.");
- echo("<meta http-equiv='Refresh' content='1; URL=index.php'/>");
- } else {
- echo("Your username and password do not match!");
- echo("<meta http-equiv='Refresh' content='1; URL=login.php'/>");
- }
- } else {
- echo("The username you supplied does not exist!");
- echo("<meta http-equiv='Refresh' content='1; URL=login.php'/>");
- }
- } else {
- echo("You must supply both a username and password!");
- echo("<meta http-equiv='Refresh' content='1; URL=login.php'/>");
- }
- } else {
- ?>
- <form action="login.php?do" method="post">
- <label>Username</label> <input type="text" name="username" />
- <br />
- <label>Password</label> <input type="password" name="password" />
- <br />
- <input type="submit" name="submit" value="Submit" />
- </form>
- <?php
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement