<?php include_once("db.php");$myusername = $_GET['u'];$passwordHash =

1. <?php
2. include_once("db.php");
3.  
4. $myusername = $_GET['u'];
5.  
6. $passwordHash = sha1(strip_tags($_GET['p']));
7.  
8. $sql="SELECT * FROM members WHERE username='$myusername' and password='$passwordHash'";
9.  
10. $rs = mysql_query($sql) or die ("Query failed");
11.  
12. // Mysql_num_row is counting table row
13. $numofrows = mysql_num_rows($rs);
14. // If result matched $myusername and $mypassword, table row must be 1 row
15.  
16. if ($numofrows==1) {
17.  
18. // Access Granted Begin Whisper update procedure
19. ECHO 'Access Granted';
20. $sql="SELECT * FROM members WHERE username='$myusername' and password='$passwordHash'";
21. $rs = mysql_query($sql) or die ("Query failed");
22. // Mysql_num_row is counting table row
23. $numofrows = mysql_num_rows($rs);
24. // If result matched $myusername and $mypassword, table row must be 1 row
25. if($numofrows==1)
26. {
27. // Run check for messages
28. $query = "SELECT `from`, `too`, `message` FROM `outbox` WHERE from='$myusername'";
29. $sqlinbox = mysql_query($query);
30. $outbox = mysql_fetch_array($sqlinbox);
31. $sender = $outbox['from'];
32. $reciever = $outbox['too'];
33. $message = $outbox['message'];
34. echo $message;
35. } else {
36. ECHO 'User Dose Not Esist';
37. exit;
38. }
39. ?>