Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include 'config.php';
- session_start();
- if($_SERVER["REQUEST_METHOD"] == "POST") {
- $myusername=mysqli_real_escape_string($conn, $_POST['username']);
- $mypassword=mysqli_real_escape_string($conn, $_POST['password']);
- }
- if (strlen($myusername) < 1) {
- $_SESSION["error"] .= "Username is too short !<br>";
- }
- if (strlen($mypassword) < 1) {
- $_SESSION["error"] .= "Password is too short !<br>";
- }
- if(isset($_SESSION["error"])) {
- header("location: /pages/login.php");
- exit;
- }
- $mypassword=sha1($mypassword);
- $sql="SELECT * FROM user WHERE username='$myusername' and password='$mypassword';";
- $result=mysqli_query($conn, $sql);
- $count = mysqli_num_rows($result);
- if($count == 1) {
- $_SESSION["logged_user"] = $myusername;
- $_SESSION["logged_in"] = "yes";
- $sql="SELECT * FROM user WHERE username='$myusername' and password='$mypassword' and admin=1;";
- $result=mysqli_query($conn, $sql);
- $count = mysqli_num_rows($result);
- if($count == 1) {$_SESSION["admin"] = "True";}
- header("location: ../index.php");
- }
- else {
- $_SESSION["error"] .= "Username or Password is wrong !<br>";
- header("location: /pages/login.php");
- }
- mysqli_close($conn);
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement