Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- error_reporting(0);
- $loggedin = "";
- if (isset($_POST['name']) && isset($_POST['pw'])) {
- $username = $_POST['name'];
- $pass = $_POST['pw'];
- $hashed = md5(md5(md5(md5($pass))));
- $servername = "localhost";
- $dbusername = "login";
- $dbpassword = "";
- $dbname = "login";
- $conn = new mysqli($servername, $dbusername, $dbpassword, $dbname);
- if ($conn->connect_error) {
- die("Connection failed: " . $conn->connect_error);
- }
- $sql = "SELECT * from tb_login where (substr(username, 1, 8) = substr((((((((((((((((((((((((((((((\"$username\"))))))))))))))))))))))))))))), 1, 8)) AND password = '$hashed'";
- $result = $conn->query($sql);
- if ($result->num_rows > 0) {
- while($row = $result->fetch_assoc()) {
- $loggedin = "ngadimin";
- }
- }
- }
- ?>
- <!DOCTYPE html>
- <html >
- <head>
- <meta charset="UTF-8">
- <title>Login</title>
- <link rel="stylesheet" href="css/style.css">
- </head>
- <body>
- <form method="POST">
- <h4> Login </h4>
- <?php
- if ($loggedin != "") {
- echo "Welcome " . $loggedin . "! Flag is not in here<br><br>";
- }
- ?>
- <input class="name" type="text" name="name" placeholder="Enter Username"/>
- <input class="pw" type="password" name="pw" placeholder="Enter Password"/>
- <input class="button" type="submit" value="Log in"/>
- </form>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement