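<?php
// Session bootstrap: name the session and scope its cookie to this site's
// path before the session is started.
session_name('MYSESSION');

// Keep whatever cookie domain the server configuration already uses.
$cookieDefaults = session_get_cookie_params();

// Send the cookie with the Secure flag when the request arrived over HTTPS
// (or when the server configuration already demands it), so the session id is
// not also sent over plain HTTP.
$cookieSecure = !empty($cookieDefaults['secure'])
    || (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');

// Lifetime 0 = cookie lasts until the browser closes. The final argument sets
// HttpOnly so page scripts cannot read the session id.
session_set_cookie_params(0, '/~cgreenheld/', $cookieDefaults['domain'], $cookieSecure, true);
session_start();
?>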
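<?php
// Login status banner: shows the current user and a logout link, or a
// "not logged in" notice.

// A fresh session has no 'authorisation' key yet, so test for it before
// comparing to avoid an undefined-index notice.
$isKnownUser = isset($_SESSION['authorisation']) && $_SESSION['authorisation'] === 'knownuser';

if ($isKnownUser) {
    // The stored name originates from the login form, so it is HTML-escaped
    // before being written into the page.
    $displayName = (isset($_SESSION['user']) && is_string($_SESSION['user']))
        ? htmlspecialchars($_SESSION['user'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        : '';

    echo '<ul class="log">';
    echo '<li><h4>You are logged in "' . $displayName . '"</h4></li>';
    echo '<li><a href="logout.php">Logout</a></li>';
    echo "</ul>";
} else {
    echo "<h4>You are not logged in</h4>";
}
?>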
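<?php
// Login page: handles a submitted login, then renders either an
// "already logged in" notice or the login form.

// Handle the submission before this block prints anything: both outcomes end
// in a header() redirect, which only works while no output has been sent.
// Output produced earlier in the page must be buffered for the same reason.
if (isset($_POST['Password']) && $_POST['Password'] !== '') {
    $authenticated = false;
    $submittedUser = isset($_POST['Username']) ? $_POST['Username'] : null;
    $submittedPass = $_POST['Password'];

    // Form fields can arrive as arrays (Username[]=...); only plain strings
    // are treated as credentials.
    if (is_string($submittedUser) && is_string($submittedPass)) {
        try {
            $conn = new mysqli("localhost", "my_user", "my_password", "world"); //changed for the sake of this question

            if (!$conn->connect_errno) {
                // NOTE(review): the password is SQL-escaped before hashing only
                // because the original code did so and stored hashes may depend
                // on it; confirm against the registration code, then hash the
                // raw value.
                // NOTE(review): unsalted SHA-1 is not a suitable password hash.
                // Moving to password_hash()/password_verify() needs a change to
                // the stored credentials, which is outside this block.
                $match_Password = sha1($conn->real_escape_string($submittedPass));

                // Bound parameters keep user input out of the SQL text. The
                // statement is no longer echoed, which leaked the query and the
                // password hash into the page.
                $stmt = $conn->prepare('select * from User WHERE Username = ? and Password = ?');
                if ($stmt) {
                    $stmt->bind_param('ss', $submittedUser, $match_Password);
                    if ($stmt->execute()) {
                        $stmt->store_result();
                        $authenticated = ((int) $stmt->num_rows === 1);
                    }
                    $stmt->close();
                }
                $conn->close();
            }
        } catch (mysqli_sql_exception $e) {
            // A database failure counts as a failed login; details go to the
            // server log rather than the response.
            error_log('Login query failed: ' . $e->getMessage());
            $authenticated = false;
        }
    }

    if ($authenticated) {
        // Issue a fresh session id on login so an id known before
        // authentication cannot be reused (session fixation).
        session_regenerate_id(true);
        $_SESSION['authorisation'] = 'knownuser';
        // Stored as submitted; escape it wherever it is written into HTML.
        $_SESSION['user'] = $submittedUser;
        header("Location: index.php");
        exit;
    }

    $_SESSION['authorisation'] = 'unknownuser';
    header("Location: error.php");
    exit;
}

// A fresh session has no 'authorisation' key yet, so test for it first.
$alreadyLoggedIn = isset($_SESSION['authorisation']) && $_SESSION['authorisation'] === 'knownuser';

if ($alreadyLoggedIn) {
    echo "<ul>";
    echo "<li><h4>You are logged in and already have an account</h4></li>";
    echo '<li><a href="index.php">Return Home</a></li>';
    echo "</ul>";
} else {
    // PHP_SELF includes any extra path text from the request URL, so it is
    // escaped before being placed in the action attribute.
    $formAction = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    echo "<form method='post' action='" . $formAction . "'>";
    echo '<fieldset class="login">';
    echo "<h2>Login</h2>";
    echo "<ul>";
    echo '<li><label for="Username"> Username: </label> <input type="text" name="Username" id="Username"></li>';
    echo '<li><label for="Password"> Password: </label> <input type="password" name="Password" id="Password"></li>';
    echo '<li><input type="submit" value="Login"></li>';
    echo "</ul>";
    echo "</fieldset>";
    echo "</form>";
}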
- if($_SESSION['authorisation'] == 'knownuser') {