Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- //brukernavn og passord sendt fra loginsiden
- $username = /*mysql_real_escape_string(*/$_POST['bruker']/*)*/;
- $pasword= /*mysql_real_escape_string(*/$_POST['passord']/*)*/;
- $login=$_GET['login'];
- if(isset($_SESSION['login']))
- {
- die(header("location:../sider/index.php")); //sjekker om du allerede er logget inn!
- }
- if($login=='ok'){
- //koble til database
- include("../settings/connect.php");
- //velg database
- $crypt_password = sha1(md5(sha1($_POST['passord']))); //krypterer passordet
- $usersecure = mysql_real_escape_string($username); //Stopper MySql injection
- $passsecture = mysql_real_escape_string($crypt_password); //Stopper MySql injection
- $sql="SELECT * FROM $table WHERE fornavn='$usersecure' and passord='$passsecture'";
- $result=mysql_query($sql);
- $count=mysql_num_rows($result);
- if($count==1){
- //$_SESSION['login']="ok";
- $_SESSION['login'] = md5('ok');
- $_SESSION['navn'] = $_POST['bruker'];
- include("../sider/index.php");
- }
- else{ // hvis den ikke får logget inn
- echo("<script language = 'javascript'>alert('Feil brukernavn eller passord!'); </script>");
- echo '<script language="javascript">window.location = "../sider/index.php"</script>'; // går tilbake til registrerings siden
- }
- }
- if(!$con)
- {
- die('Could not connect: ' .mysql_error());
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement