Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //Opens connection to database
- $connection = mysql_connect("localhost", "bagofdus_david", "OMGSENSWORD");
- //Selects database
- mysql_select_db("bagofdus_schoolStudent");
- //Srores username and password in two variables
- $username=$_POST["usernameText"];
- $password=$_POST["passwordText"];
- //Sql injection protection, prevents extra characters
- $user=mysql_real_escape_string($username);
- $pass=mysql_real_escape_string($password);
- //Query selects relevant record from the database
- $query=mysql_query("SELECT * FROM student where username='$username' AND password='$password'");
- //Checks that username and password are in the same row
- $count=mysql_num_rows($query);
- if($count==1)
- {
- echo "Login Successful";
- $hour = time() + 3600;
- //Sets a one hour cookie
- setcookie(username, $_POST['username'], $hour);
- setcookie(password, $_POST['password'], $hour);
- header('Location: home.html');
- }
- else
- {
- echo "Username or password is incorrect";
- }
- ?>
Add Comment
Please, Sign In to add comment