Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include("blog/dbinformation.php");
- mysql_connect ($dbhost, $dbuser, $dbpass);
- mysql_select_db ($dbname);
- session_start();
- if (!isset($_SESSION['loggedIn'])) {
- $_SESSION['loggedIn'] = false;
- }
- $num = 0;
- if (isset($_POST['username'])) {
- $sql = mysql_query("SELECT * FROM users WHERE username='" . $_POST['username'] . "'");
- while($row = mysql_fetch_array($sql)){
- if (sha1($_POST['password']) == $row['password']) {
- $_SESSION['loggedIn'] = true;
- } else {
- die ('Incorrect.');
- $num ++;
- }
- }
- }else{
- die ('Incorrect.');
- $num ++;
- }
- mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."' AND password = '".$_POST['password']."'");
- if ($num .= 0){ ?>
- <html><head><title>Login</title></head>
- <body>
- <p>You need to login</p>
- <form method="post">
- Username: <input type="password" name="username"> <br />
- Password: <input type="password" name="password"> <br />
- <input type="submit" name="submit" value="Login">
- </form>
- </body>
- </html>
- <?php
- }
- exit();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
