Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- //add slashes to the username and md5() the password
- $user = addslashes($_POST['Username']);
- $pass = ($_POST['Password']);
- //set the database connection variables
- $dbHost = "";
- $dbUser = "";
- $dbPass = "";
- $dbDatabase = "";
- //connet to the database
- $db = mysql_connect("$dbHost", "$dbUser", "$dbPass") or die ("Error connecting to database.");
- mysql_select_db($dbDatabase, $db) or die ("Couldn't select the database.");
- $pass = md5($pass);
- $result=mysql_query("select * from user where username='$user' AND password='$pass'", $db);
- //check that at least one row was returned
- $rowCheck = mysql_num_rows($result);
- if($rowCheck > 0){
- while($row = mysql_fetch_array($result)){
- //start the session and register a variable
- setcookie("user", $user, time()-3600);
- setcookie("user", $user, time()+3600);
- $muser = $_COOKIE['user'];
- $queryadmin = mysql_query("select * from user where username='$muser' AND group='admin'", $db);
- $rowCheck2 = mysql_num_rows($queryadmin);
- if($rowCheck2 > 0){
- $_SESSION['admin']=1;
- }
- //successful login code will go here...
- echo 'Success!';
- echo '<a href="index.php">Back to home</a>';
- echo '<meta http-equiv="refresh" content="1;url=index.php">';
- }
- }
- else{
- //if nothing is returned by the query, unsuccessful login code goes here...
- echo 'Incorrect login name or password. Please try again.';
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement