<?if ($_POST['username']) {$username=trim($_POST['username']);$username = mys

1. <?
2. if ($_POST['username']) {
3. $username=trim($_POST['username']);
4. $username = mysql_real_escape_string($username);
5. $password=trim($_POST['password']);
6. $password=mysql_real_escape_string($password);
7. //$password = hash('md5','$password');
8.  
9.  
10.  
11. if ($password==NULL) {
12. header("Location: login.php?error=2");
13. }else{
14.  
15. if($_POST['code']!=$_SESSION['string']){
16. header("Location: login.php?error=1");
17. }else{
18.  
19. $query = mysql_query("SELECT username,password FROM tb_users WHERE username = '$username'") or die(mysql_error());
20. if(mysql_num_rows($query) == 0)
21. {
22. header("Location: login.php?error=3");
23.  
24. } else {
25. $data = mysql_fetch_array($query);
26. if($data['password'] != $password) {
27. header("Location: login.php?error=4");
28. }else{
29.  
30. $query = mysql_query("SELECT username,password FROM tb_users WHERE username='$username' ") or die(mysql_error());
31. $row = mysql_fetch_array($query);
32.  
33. $nicke=$row['username'];
34. $passe=$row['password'];
35.  
36. setcookie("usNick",$nicke,time()+36000);
37. setcookie("usPass",$passe,time()+36000);
38.  
39. $lastlogdate=time();
40. $lastip = getRealIP();
41.  
42. $querybt = "UPDATE tb_users SET lastlogdate='$lastlogdate', lastiplog='$lastip' WHERE username='$nicke'";
43. mysql_query($querybt) or die(mysql_error());
44.  
45. $query = mysql_query("SELECT akhirupgrade from tb_upgrade WHERE username = '$username' and status='upgraded'") or die(mysql_error());
46. if(mysql_num_rows($query) > 0) {
47. $row = mysql_fetch_array($query);
48. $akhir=$row["akhirupgrade"];
49. $tgl=time();
50. if ($tgl > $akhir) {
51. $query = mysql_query("update tb_upgrade set status='', date='', paket='', akhirupgrade='' WHERE username='$username' and status='upgraded'");
52. $query = mysql_query("update tb_users set account='' WHERE username='$username'");
53. }
54. }
55. header("Location: member.php");
56. }
57.  
58. }
59.  
60. }
61.  
62. }
63.  
64. }
65.  
66. ?>
67.  
68. $password = password_hash(filter_input(INPUT_POST, "password"));
69.  
70. $passwordFromDb = $result['password']; //Password from the database
71. $passwordFromLoginForm = password_hash(filter_input(INPUT_POST, "password");
72.  
73. //Then when youve got the password to check it agaisnt there input
74.  
75. if($passwordFromDb === $passwordFromForm){
76. //The password they entered was the same as the password in the database
77. } else {
78. //The password was wrong
79. }
80.  
81. $password = md5(filter_input(INPUT_POST, "password"));//Store password
82.  
83.  
84. $passwordFromDb = $result['password']; //Password from the database
85. $passwordFromLoginForm = md5(filter_input(INPUT_POST, "password");
86.  
87. //Then when youve got the password to check it agaisnt there input
88.  
89. if($passwordFromDb === $passwordFromForm){
90. //The password they entered was the same as the password in the database
91. } else {
92. //The password was wrong
93. }