API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 19th, 2016
93
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.10 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. session_start();
  3. $salt = 'j*Ws95V*reje^uaQP$Z@SuaNR!ymP_zfWR&*4Qe7qmNN&9J';
  4. $passHash = 'd64573aaa3ab9666e4d4f21a0c63e8a8011ceff5';
  5. // first check they if they are logging out
  6. // if logging in make sure its the right password
  7. if ($_POST['password']) {
  8. $_SESSION['loggedin'] = (sha1($_POST['password'] . $salt) === $passHash);
  9. }
  10. // create a db connection
  11. $connection = mysqli_connect('localhost', 'root', '', 'test');
  12. // if they are submitting a post we will insert it into a db
  13. if ($_POST['title']) {
  14. $title = htmlentities($_POST['title']);
  15. $content = htmlentities($_POST['content']);
  16. if (!$connection->query("INSERT INTO `pass_posts` (`title`, `content`) VALUES ('" . $title . "','" . $content . "')")) {
  17. $failed = true;
  18. };
  19. }
  20. ?>
  21. <!doctype html>
  22. <html lang="en">
  23. <head>
  24. <meta charset="UTF-8">
  25. <title>Pass Example</title>
  26. <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"
  27. integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7"
  28. crossorigin="anonymous">
  29. <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css"
  30. integrity="sha384-fLW2N01lMqjakBkx3l/M9EahuwpSfeNvV63J5ezn3uZzapT0u7EYsXMjQV+0En5r"
  31. crossorigin="anonymous">
  32. <script src="http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.js"></script>
  33. <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"
  34. integrity="sha384-0mSbJDEHialfmuBBQP6A4Qrprq5OVfW37PRR3j5ELqxss1yVqOtnepnHVP9aJ7xS"
  35. crossorigin="anonymous"></script>
  36. </head>
  37. <body>
  38. <header>
  39. <h1>My Blog</h1>
  40. </header>
  41. <?php if ($_SESSION['loggedin']): ?>
  42. <div class="container">
  43. <h2>I am not so secret content</h2>
  44. <?php if ($failed) {
  45. echo '<div class="alert alert-danger">Insert failed</div>';
  46. } else if ($_POST['title']) {
  47. // if it didnt fail when posted
  48. echo '<div class="alert alert-success">Insert Succeeded</div>';
  49. }
  50. ?>
  51. <form method="post" action="php.php">
  52. <label for="title">title</label><br><input id="title" type="text" placeholder="Title" name="title"><br>
  53. <label for="content">content</label><br>
  54. <input id="content" type="text" placeholder="content" name="content"><br>
  55. <input type="submit" value="Submit">
  56. </form>
  57. </div>
  58. <hr>
  59. <?php endif; ?>
  60. <div class="container">
  61. <?php
  62. $results = $connection->query('SELECT * FROM `pass_posts`');
  63. while ($posts = $results->fetch_assoc()):
  64. ?>
  65. <div class="row">
  66. <h3><?php echo html_entity_decode($posts['title']); ?></h3>
  67. <p><?php echo html_entity_decode($posts['content']); ?></p>
  68. </div>
  69. <hr>
  70. <?php
  71. endwhile;
  72. ?>
  73. </div>
  74. <footer>
  75. <?php if ($_SESSION['loggedin']): ?>
  76. <a href="logout.php">Log out</a>
  77. <?php else: ?>
  78. <form method="post" action="php.php">
  79. <label for="username">Username</label>
  80. <input type="username" name="username" id="username">
  81. <label for="password">Password</label>
  82. <input type="password" name="password" id="password">
  83. <input type="submit" value="Log in">
  84. </form>
  85. <form method="post" action="register.php">
  86. <label for="username">Username</label>
  87. <input type="username" name="username" id="username">
  88. <label for="password">Password</label>
  89. <input type="password" name="password" id="password">
  90. <input type="submit" value="Log in">
  91. </form>
  92. <?php endif; ?>
  93. </footer>
  94. </body>
  95. </html>
  96. <?php
  97. // close connection cause we're done
  98. $connection->close();
  99. ?>
  100.  
  101. <html>
  102. <head>
  103. </head>
  104. <body>
  105. <?php
  106. if (!isset($_POST['submit'])){
  107. ?>
  108. <!-- The HTML login form -->
  109. <form action="<?=$_SERVER['PHP_POST']?>" method="post">
  110. Username: <input type="text" name="username" /><br />
  111. Password: <input type="password" name="password" /><br />
  112.  
  113. <input type="submit" name="submit" value="Login" />
  114. </form>
  115. <?php
  116. } else {
  117. $mysqli = mysqli_connect('localhost', 'root', '', 'php_mysql_login_system');
  118. # check connection
  119.  
  120. $username = $_POST['username'];
  121. $password = $_POST['password'];
  122.  
  123. $sql = "SELECT * from users WHERE username LIKE '{$username}' AND password LIKE '{$password}' LIMIT 1";
  124. $result = $mysqli->query($sql);
  125. if (!$result->num_rows == 1) {
  126. echo "<p>Invalid username/password combination</p>";
  127. } else {
  128. echo "<p>Logged in successfully</p>";
  129. // do stuffs
  130. }
  131. }
  132. ?>
  133. </body>
  134. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!