API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 16th, 2017
128
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 1.60 KB | None | 0 0
raw download clone embed print report
  1. mysql query
  2.  
  3. ALTER TABLE table ADD COLUMN session_id varchar(512)
  4.  
  5.  
  6. Checklogin.php (the page the post form sends you too from Login.php)
  7.  
  8. <?php
  9.  
  10.     session_start();
  11.    
  12.     $username = stripslashes(mysql_real_escape_string($_POST['username']));
  13.     $password = stripslashes(mysql_real_escape_string($_POST['password']));
  14.     $password = hash(sha512, $password); // I suggest hashing with sha512 to keep passwords safe! :)
  15.    
  16.     $mysql_query = mysql_query("SELECT * FROM table WHERE username = '" . $username . "' AND password = '" . $password . "' ");
  17.     $count = mysql_num_rows($mysql_query);
  18.    
  19.     if ($count == '1') {
  20.         $session_id = hash(sha512, rand());
  21.         $_SESSION['session_id'] = $session_id;
  22.         $_SESSION['username'] = $username;
  23.         $_SESSION['password'] = $password;
  24.         $intodb = mysql_query("UPDATE table SET session_id = '" . $session_id . "' WHERE username = '" . $username . "' AND password = '" . $password . "' ");
  25.         header('Location: LoggedIn.php');
  26.     }
  27.    
  28.     else {
  29.         session_destroy();
  30.         header('Location: Login.php');
  31.     }
  32.    
  33. ?>
  34.  
  35. LoggedIn.php
  36.  
  37. <?php
  38.  
  39.     session_start();
  40.    
  41.     $session_id = $_SESSION['session_id'];
  42.     $username = $_SESSION['username'];
  43.     $password = $_SESSION['password'];
  44.    
  45.     $mysql_query = mysql_query("SELECT * FROM table WHERE username = '" . $username . "' AND password = '" . $password . "' ");
  46.     $mysql_output = mysql_fetch_array($mysql_query);
  47.    
  48.     $session_id_db = $mysql_output['session_id'];
  49.    
  50.     if ((isset($session_id)) && (isset($session_id_db)) && ($session_id == $session_id_db)) {
  51.         // logged in, output your data here.
  52.     }
  53.    
  54.     else {
  55.         header('Location: login.php');
  56.        
  57.     }
  58.    
  59. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!