Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include_once('top.php');
- include('db_connect.php');
- $conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql');
- mysql_select_db($dbname);
- if(isset($_SESSION['user']) && isset($_SESSION['e_pass'])){
- $e_pass = $_SESSION['e_pass'];
- $user = $_SESSION['user'];
- $query = "SELECT * from profile WHERE username = '".$user."' AND password = '".$e_pass."' LIMIT 1";
- $result = mysql_query($query) or die(mysql_error());
- $row = mysql_fetch_array($result);
- $db_user = $row['username'];
- $db_pass = $row['password'];
- $db_fname = $row['first_name'];
- $db_lname = $row['last_name'];
- $db_email = $row['email'];
- $db_ophone = $row['office_phone'];
- $db_cphone = $row['cell_phone'];
- $db_aphone = $row['alt_phone'];
- $db_office = $row['office'];
- $db_position = $row['position'];
- $db_image = $row['image'];
- $db_profile = $row['profile'];
- $db_active = $row['active'];
- include('login_successful.php');
- if($db_user == $user && $db_pass == $e_pass){
- if($db_active == 1){
- include('login_successful.php');
- }else{
- echo "This account has been disabled, Please Contact Doug Clatterbuck or Computer Solutions about this issue";
- }
- }else{
- include('login_failed.php');
- }
- }else{
- echo "Please Enter a username and Password";
- }
- }
- if(isset($_POST['post_user']) && isset($_POST['post_pass'])){
- $user = mysql_real_escape_string($_POST['post_user']);
- $pass = mysql_real_escape_string($_POST['post_pass']);
- $e_pass = hash('sha256', md5($pass) . $pass);
- mysql_select_db($dbname);
- $process_query = "SELECT * from profile WHERE username = '".$user."' AND password = '".$e_pass."' LIMIT 1";
- $process_result = mysql_query($process_query) or die(mysql_error());
- $process_row = mysql_fetch_array($process_result);
- $db_user = $process_row['username'];
- $db_pass = $process_row['password'];
- $db_fname = $process_row['first_name'];
- $db_lname = $process_row['last_name'];
- $db_email = $process_row['email'];
- $db_ophone = $process_row['office_phone'];
- $db_cphone = $process_row['cell_phone'];
- $db_aphone = $process_row['alt_phone'];
- $db_office = $process_row['office'];
- $db_position = $process_row['position'];
- $db_image = $process_row['image'];
- $db_profile = $process_row['profile'];
- $db_active = $process_row['active'];
- if($db_user == $user && $db_pass == $e_pass){
- if($db_active == 1){
- include('login_successful.php');
- }else{
- echo "This account has been disabled, Please Contact Doug Clatterbuck or Computer Solutions about this issue";
- }
- }else{
- include('login_failed.php');
- }
- }else{
- echo "Please Enter a username and Password";
- }
- include_once('bottom.php');
- mysql_close($conn);
- ?>
Add Comment
Please, Sign In to add comment