Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- if (!isset($_SESSION['inicjuj']))
- {
- session_regenerate_id();
- $_SESSION['inicjuj'] = true;
- $_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
- }
- if($_SESSION['ip'] != $_SERVER['REMOTE_ADDR'])
- {
- die('');
- }
- if(isset($_POST['username'])) {
- $username = $_POST['username'];
- $username = $mysqli->real_escape_string($username);
- $userpassword = md5($_POST['password']);
- $query = "SELECT id, nazwa, haslo FROM uzytkownicy WHERE nazwa='" .$username. "'";
- if(!$result = $mysqli->query($query)) {
- die ($mysqli->error);
- } else {
- if($row_cnt = $result->num_rows == 0) {
- echo ("No user!");
- } else {
- $row = $result->fetch_assoc();
- if($userpassword == $row['haslo']) {
- $_SESSION['id'] = $row['id'];
- } else {
- die ('wrong user or pass');
- }
- }
- }
- }
- if(!isset($_SESSION['id'])) {
- echo '<form method="post" action="index.php">
- Login: <input type="text" name="username"/>
- <input type="password" name="password"/>
- <input type="submit" value="OK"/></form>';
- exit;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement