Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?
- function confirmUser($username, $password){
- global $conn;
- if(!get_magic_quotes_gpc()) {
- $username = addslashes($username);
- }
- $q = "select password from users where username = '$username'";
- $result = mysql_query($q,$conn);
- if(!$result || (mysql_numrows($result) < 1)){
- return 1; //Indicates username failure
- }
- $dbarray = mysql_fetch_array($result);
- $dbarray['password'] = stripslashes($dbarray['password']);
- $password = stripslashes($password);
- if($password == $dbarray['password']){
- return 0; //Success! Username and password confirmed
- }
- else{
- return 2; //Indicates password failure
- }
- }
- function checkLogin(){
- if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
- $_SESSION['username'] = $_COOKIE['cookname'];
- $_SESSION['password'] = $_COOKIE['cookpass'];
- }
- if(isset($_SESSION['username']) && isset($_SESSION['password'])){
- if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
- unset($_SESSION['username']);
- unset($_SESSION['password']);
- return false;
- }
- return true;
- }
- else{
- return false;
- }
- }
- function displayLogin(){
- global $logged_in;
- if($logged_in){
- echo "<h1>Logged In!</h1>";
- echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
- }
- else{
- ?>
- <h1>Login</h1>
- <form action="" method="post">
- <table align="left" border="0" cellspacing="0" cellpadding="3">
- <tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
- <tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
- <tr><td colspan="2" align="left"><input type="checkbox" name="remember">
- <font size="2">Remember me next time</td></tr>
- <tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr>
- <tr><td colspan="2" align="left"><a href="register.php">Join</a></td></tr>
- </table>
- </form>
- <?
- }
- }
- if(isset($_POST['sublogin'])){
- if(!$_POST['user'] || !$_POST['pass']){
- die('You did not fill in a required field.');
- }
- $_POST['user'] = trim($_POST['user']);
- if(strlen($_POST['user']) > 30){
- die("Sorry, the username is longer than 30 characters, please shorten it.");
- }
- $md5pass = md5($_POST['pass']);
- $result = confirmUser($_POST['user'], $md5pass);
- if($result == 1){
- die('That username does not exist in our database.');
- }
- else if($result == 2){
- die('Incorrect password, please try again.');
- }
- $_POST['user'] = stripslashes($_POST['user']);
- $_SESSION['username'] = $_POST['user'];
- $_SESSION['password'] = $md5pass;
- if(isset($_POST['remember'])){
- setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
- setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
- }
- echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
- return;
- }
- $logged_in = checkLogin();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
