Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //require 'config.php';
- //$usernameVal=$_REQUEST['email'];
- //$passwordVAl=$_REQUEST["password"];
- if(isset($_POST['login'])) {
- $usernameVal=$_REQUEST['username'];
- $escapedPW = $_REQUEST['password'];
- //$escapedPW = mysqli_real_escape_string($con,$_REQUEST['password']);
- //save this user and pass as cookie if remeber checked start
- if (isset($_REQUEST['remember']))
- $escapedRemember = mysqli_real_escape_string($con,$_REQUEST['remember']);
- $cookie_time = 60 * 60 * 24 * 30; // 30 days
- $cookie_time_Onset=$cookie_time+ time();
- if (isset($escapedRemember)) {
- /*
- * Set Cookie from here for one hour
- * */
- setcookie("username", $usernameVal, $cookie_time_Onset);
- setcookie("password", $escapedPW, $cookie_time_Onset);
- } else { $cookie_time_fromOffset=time() -$cookie_time;
- setcookie("username", '',$cookie_time_fromOffset );
- setcookie("password", '', $cookie_time_fromOffset);
- }
- //save this user and pass as cookie if remember checked end
- //now check user and pass verification
- $query = "select * from users where username = '$usernameVal'";
- $resultSet = mysqli_query($con,$query);
- if(@mysqli_num_rows($resultSet) > 0){
- //check noraml user salt and pass
- $saltQuery = "select salt from users where username = '$usernameVal';";
- $result = mysqli_query($con,$saltQuery);
- $row = mysqli_fetch_assoc($result);
- $salt = $row['salt'];
- $saltedPW = $escapedPW . $salt;
- $hashedPW = hash('sha256', $saltedPW);
- $query = "select * from users where username = '$usernameVal' and password = '$hashedPW' ";
- $resultSet = mysqli_query($con,$query);
- if(@mysqli_num_rows($resultSet) > 0){
- $row = mysqli_fetch_assoc($resultSet);
- echo "your username and password is corrent";
- $name=$row["firstname"];
- echo $name;
- //echo $firstname;
- //session_start();
- // $_SESSION["user_id"]=$row["user_id"];
- $_SESSION["username"]=$row["username"];
- $_SESSION["email"] =$row["email"];
- header("location:indexfb.php");
- exit();
- //header("location:index.php");
- }
- else
- {
- echo "your username or password is incorrect";
- }
- }
- }
- ?>
Add Comment
Please, Sign In to add comment