Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <div id="login_form">
- <?php
- if (isset($_SESSION['username']))
- header('Location: ?page=overview');
- else
- {
- echo "
- <div id='form_placement'
- <form action='.' method='POST'>
- <input type='text' name='username' id='username' value='Username' />
- <br />
- <input type='password' name='password' id='password' value='Password' /><br />
- <input type='submit' name='submit' id='loginSubmit' class='loginSubmit' value='Log in' />
- </form>
- </div>
- ";
- }
- ?>
- <?php
- if (isset($_POST['submit']))
- {
- //Get data
- $username = $_POST['username'];
- $password = $_POST['password'];
- if ($username && $password)
- {
- // To protect MySQL injection
- $username = stripslashes($username);
- $password = stripslashes($password);
- $username = mysqli_real_escape_string($connect, $username);
- $password = mysqli_real_escape_string($connect, $password);
- $login = mysqli_query($connect, "SELECT * FROM users WHERE username = '$username'");
- while ($row = mysqli_fetch_assoc($login))
- {
- $db_password = $row['password'];
- if (sha1($password) == $db_password)
- $loginok = TRUE;
- else
- $loginok = FALSE;
- if ($loginok == TRUE)
- {
- // Register $username, $password
- $_SESSION["username"] = $username;
- exit();
- }
- else
- die('Feil brukernavn/passord.');
- }
- }
- else
- echo "Vennligst fyll ut alle felter.";
- }
- ?>
- </div> <!-- Closes #login_form -->
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement