Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $user = $_POST['user']; // username from form
- $password = $_POST['password']; // password sent from from
- $hash = md5($password);
- // query the db for the user and password combo
- $userid = query("select id from users where username = '".clean($user)." ' and passowrd = '".clean($hash)."' LIMIT 1";
- if ($userid !== false) {
- // authentication passed
- } else {
- // auth failed
- }
- // note:
- // clean() is is your custom function that escapes mysql input
- // query() is your custom function that queries the db, and returns false on a null resultset
- // $userid !== false is used instead of $userid != false since the userid may be 0, see "type comparisons"..
Add Comment
Please, Sign In to add comment