Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if (!isset($_SESSION['username']) and (isset($_POST['username']))){
- $username = $_POST['username'];
- $password = hash("sha512", $_POST['password']);
- $uname = mysql_real_escape_string($username);
- $upass = mysql_real_escape_string($password);
- if ((!empty($uname)) or (!empty($upass))){
- $login = mysql_query("SELECT * FROM `users` WHERE `username` = '".$uname."' AND `password` = '".$upass."'");
- if (mysql_num_rows($login)){
- $user = mysql_fetch_assoc($login);
- //extract($user, EXTR_PREFIX_ALL, "users"); // this sets all fields in the mysql database to variables
- $_SESSION['username'] = $user_name;
- @@$_SESSION['userid'] = $login['userid'];
- echo '
- <p>Thank you for logging in ' . $username . ' click <a href="index.php?page=usercp">here</a>
- if your browser does not automatically re-direct you.</p>';
- }
- else {
- echo "<p>Invalid Login or Password.</p>";
- }
- }
- else {
- echo "<p>Login Failed</p>";
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
