API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 22nd, 2017
69
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.21 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. // Soubory nutne pro beh stranky
  3. require_once './functions/database.php';
  4.  
  5. // Zacatek nove relace
  6. @session_start();
  7.  
  8. // Prebrat uzivatelsky vstup
  9. $username = $_POST['username'];
  10. $password = md5($_POST['password']); // Heslo putuje primo do hashe kvuli bezpecnosti
  11. $fingerprint = $_POST['fingerprint'];
  12.  
  13. // Kontrola, jestli jsou zadane udaje
  14. if (isset($username) && isset($password) && isset($fingerprint)) {
  15. // Prvni probehne overeni otisku (prisel uzivatel z loginu?)
  16. if ($fingerprint == $_SESSION['fingerprint']) {
  17. // Kontrola delky uzivatelskeho jmena
  18. if (strlen($username) < 60 && strlen($username) > 0) {
  19. $db = new cDatabase; // Novy objekt pro praci s DB
  20. $db->connect(); // Navazani spojeni s databazi
  21.  
  22. $username = mysql_real_escape_string($username); // Protekce proti sql injekcim
  23.  
  24. // Pokus o nalezeni existujiciho uzivatele
  25. $trylogin = $db->query("SELECT login FROM uzivatel WHERE login LIKE '$username' AND passw LIKE '$password'");
  26.  
  27. // Nalezen existujici uzivatel
  28. if (mysql_num_rows($trylogin) == 1) {
  29. // Zaregistrovani novych promennych prenasenych v relaci
  30. $_SESSION['logged_in'] = 1;
  31. $_SESSION['username'] = $username;
  32.  
  33. // Odregistrovani uz nepotrebnych promennych
  34. @session_unregister('fingerprint');
  35.  
  36. // Odeslani headeru, ze login probehl v poradku a presmerovani uzivatele na hlavni stranku
  37. header('HTTP/1.1 200 OK');
  38. header('location: admin.php');
  39. } // END OF: Nalezen existujici uzivatel
  40. else { // Existujici uzivatel NEBYL nalezen
  41. header('HTTP/1.1 401 Unauthorized');
  42. header('location: index.php');
  43. exit();
  44. } // END OF: Existujici uzivatel NEBYL nalezen
  45.  
  46. $db->close(); // Uzavreni spojeni s DB
  47. $db = null; // Void objektu pro praci s DB
  48. } // END OF: Kontrola delky uzivatelskeho jmena
  49. } // END OF: Prvni probehne overeni otisku (prisel uzivatel z loginu?)
  50. } // END OF: Kontrola, jestli jsou zadane udaje
  51. else { // Udaje NEJSOU zadane
  52. header('HTTP/1.1 401 Unauthorized');
  53. header('location: index.php');
  54. exit();
  55. }
  56. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!