Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require_once 'handler.php';
- $username = cleanString($_POST['username']);
- $password = md5($_POST['password']);
- if(empty($username) || empty($password))
- {
- echo 'You must enter a username and password!';
- }
- else
- {
- $sql = mysql_query("SELECT * FROM users WHERE username='$username'");
- if(mysql_num_rows($sql) < 1)
- {
- echo 'That username does not exist.';
- }
- else
- {
- $sql2 = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
- if(mysql_num_rows($sql2) < 1)
- {
- echo 'Your password is incorrect.';
- }
- else
- {
- $result= mysql_query("SELECT postcode FROM users WHERE username='$username'");
- $row = mysql_fetch_assoc($result);
- $postcode = $row['password'];
- $_SESSION['username'] = $username;
- $_SESSION['password'] = $password;
- $_SESSION['postcode'] = $postcode;
- header('location: /index.php');
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement