Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?
- if ($_POST['username']) {
- $username=trim($_POST['username']);
- $username = mysql_real_escape_string($username);
- $password=trim($_POST['password']);
- $password=mysql_real_escape_string($password);
- //$password = hash('md5','$password');
- if ($password==NULL) {
- header("Location: login.php?error=2");
- }else{
- if($_POST['code']!=$_SESSION['string']){
- header("Location: login.php?error=1");
- }else{
- $query = mysql_query("SELECT username,password FROM tb_users WHERE username = '$username'") or die(mysql_error());
- if(mysql_num_rows($query) == 0)
- {
- header("Location: login.php?error=3");
- } else {
- $data = mysql_fetch_array($query);
- if($data['password'] != $password) {
- header("Location: login.php?error=4");
- }else{
- $query = mysql_query("SELECT username,password FROM tb_users WHERE username='$username' ") or die(mysql_error());
- $row = mysql_fetch_array($query);
- $nicke=$row['username'];
- $passe=$row['password'];
- setcookie("usNick",$nicke,time()+36000);
- setcookie("usPass",$passe,time()+36000);
- $lastlogdate=time();
- $lastip = getRealIP();
- $querybt = "UPDATE tb_users SET lastlogdate='$lastlogdate', lastiplog='$lastip' WHERE username='$nicke'";
- mysql_query($querybt) or die(mysql_error());
- $query = mysql_query("SELECT akhirupgrade from tb_upgrade WHERE username = '$username' and status='upgraded'") or die(mysql_error());
- if(mysql_num_rows($query) > 0) {
- $row = mysql_fetch_array($query);
- $akhir=$row["akhirupgrade"];
- $tgl=time();
- if ($tgl > $akhir) {
- $query = mysql_query("update tb_upgrade set status='', date='', paket='', akhirupgrade='' WHERE username='$username' and status='upgraded'");
- $query = mysql_query("update tb_users set account='' WHERE username='$username'");
- }
- }
- header("Location: member.php");
- }
- }
- }
- }
- }
- ?>
- $password = password_hash(filter_input(INPUT_POST, "password"));
- $passwordFromDb = $result['password']; //Password from the database
- $passwordFromLoginForm = password_hash(filter_input(INPUT_POST, "password");
- //Then when youve got the password to check it agaisnt there input
- if($passwordFromDb === $passwordFromForm){
- //The password they entered was the same as the password in the database
- } else {
- //The password was wrong
- }
- $password = md5(filter_input(INPUT_POST, "password"));//Store password
- $passwordFromDb = $result['password']; //Password from the database
- $passwordFromLoginForm = md5(filter_input(INPUT_POST, "password");
- //Then when youve got the password to check it agaisnt there input
- if($passwordFromDb === $passwordFromForm){
- //The password they entered was the same as the password in the database
- } else {
- //The password was wrong
- }
Add Comment
Please, Sign In to add comment