Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- error_reporting(E_ALL);
- //function pre($array) { echo sprintf("<pre>%s</pre>", print_r($array, true)); } pre($_POST);
- //declaration of variables
- //creating connection to serve
- $con = mysql_connect("localhost","user","pass") or die('Could not connect to server' . mysql_error());
- $table = "user_pass";
- $db = "whackand_wikieng";
- //making user input safe
- mysql_select_db($db, $con);
- $username = mysql_real_escape_string($_POST['username']);
- $password = mysql_real_escape_string($_POST['password']);
- //$username = $_POST["username"];
- //$password = $_POST["password"];
- $result = mysql_query("SELECT Number FROM $table WHERE Username = '$username' AND Password = '$password'");
- $row = mysql_num_rows($result);
- //echo $row;
- //echo $id;
- if($row > 0)
- {
- session_start();
- $_SESSION['authenticate'] = 1;
- header("Location: upload_form-1.php");
- }
- else
- {
- session_start();
- $_SESSION['authenticate'] = '';
- header("Location: not_allowed.php");
- }
- //closing server connection
- mysql_close($con);
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
