Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- #Begin Session
- session_start();
- #Session Check and set timeout
- $_SESSION['timeout'] = time();
- #Import Database info and Encryption class
- include_once("dbinfo.php"); #Contains Database, Host, Username and Password
- include_once("ED.php"); #Contains class for encrypting and decrypting data
- $sec = new Security();
- #Get username and password from login
- $user = (string)$_POST['username'];
- $pass = (string)$_POST['password'];
- #Connect to database
- $conn = new mysqli($host, $username, $password, $db);
- if($conn->connect_error) die($conn->connect_error);
- #Select the database 'users'
- $query = "select * from users";
- $result = $conn->query($query);
- #If query failed, display error
- if(!$result) die($conn->error);
- #Dump table contents
- $rows = $result->num_rows;
- #Check each row in the table
- for($j = 0; $j < $rows; ++$j){
- $result->data_seek($j);
- $row = $result->fetch_array(MYSQLI_ASSOC);
- #Get username and password
- $dbuser = (string)$row['username'];
- $dbpass = (string)$sec->Decrypt($row['password']);
- echo $dbpass;
- #Compare POST with queried data
- if($user == $dbuser && $pass == $dbpass){
- echo "pass<br>";
- echo $user ." ". $dbuser;
- echo "<br>";
- echo $pass . " " . $dbpass;
- #Create successful session
- $_SESSION['loggedin'] = 1;
- $_SESSION['username'] = $dbuser;
- $result->close();
- $conn->close();
- #header("Location: /keys");
- exit;
- }else{
- echo "fail<br>";
- echo "POST: ".$user ." DATABASE: ". $dbuser;
- echo "<br>";
- echo "POST: ".$pass . " DATABASE: " . $dbpass;
- #If fails, return with error
- #header("Location: https://www.linuxman.co:666?error=1");
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement