Advertisement
arxcorp

log in - php

Apr 21st, 2012
84
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.14 KB | None
  1. <?php
  2.  
  3. $link = mysql_connect("localhost", "auth_user", "password");
  4. mysql_select_db("auth", $link);
  5.  
  6. function login($username, $password) {
  7. $username = addslashes($username);
  8. $password = md5($password);
  9. $query = mysql_query("SELECT * FROM user_accounts WHERE username=$username AND password=$password");
  10. if(mysql_num_rows($query) == "1" ) {
  11. $info = mysql_fetch_array($query);
  12. $userid = $info['userid'];
  13. $sessionid = md5($userid . time());
  14. $time = time();
  15. @setcookie ('test_account', $sessionid, $time+3600, '/', '');
  16. mysql_query("DELETE FROM user_sessions WHERE userid=$userid");
  17. mysql_query("INSERT INTO user_sessions (sessionid,userid,timestamp) VALUES($sessionid,$userid,$time)");
  18. return $userid;
  19. } else {
  20. return 0;
  21. }
  22. }
  23.  
  24. function status() {
  25. $sessionid = $_COOKIE['test_account'];
  26. $oldtime = time() - 3600;
  27. $query = mysql_query("SELECT * FROM user_sessions WHERE sessionid=$sessionid AND timestamp>$oldtime");
  28. printf("query1: $query<br />");
  29. if(mysql_num_rows($query) == 1) {
  30. $info = mysql_fetch_array($query);
  31. return $info['userid'];
  32. }
  33. return 0;
  34. }
  35.  
  36. function logout() {
  37. $sessionid = $_COOKIE['test_account'];
  38. @setcookie ("test_account",'', time()-99999, '/', '');
  39. mysql_query("DELETE FROM user_sessions WHERE sessionid=$sessionid");
  40. }
  41.  
  42. if($_POST['username'] !='' || $_POST['password'] != '') {
  43. $login_status = login($_POST['username'], $_POST['password']);
  44. } else if($_GET['logout']) {
  45. logout();
  46. }
  47. $userid = status();
  48. if($userid > 0) { echo "Welcome to our site, user #$userid (<a href='?logout'>Click here to logout</a>)"; } else {
  49.  
  50. if($login_status != '' || $login_status == 0); { echo "Invalid username/password combo.<br>"; }
  51. ?>
  52.  
  53. <form action="sample.php" method="POST">
  54. <input type=text name=username>
  55. <input type=password name=password>
  56. <input type=submit value="Log In">
  57. </form>
  58.  
  59. <?php } ?>
Advertisement
RAW Paste Data Copied
Advertisement