Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- if ((!isset($_POST['login'])) || (!isset($_POST['haslo']))) {
- header("Location: index.php");
- exit();
- }
- require_once "connect.php";
- $connection = @new mysqli($host, $db_user, $db_password, $db_name);
- if ($connection->connect_errno!=0) {
- echo "Error: ".$connection->connect_errno;
- }
- else {
- $login = $_POST['login'];
- $pswrd = $_POST['haslo'];
- $login = htmlentities($login, ENT_QUOTES, "UTF-8");
- $pswrd = htmlentities($pswrd, ENT_QUOTES, "UTF-8");
- if ($result = @$connection->query(
- sprintf("SELECT * FROM uzytkownicy WHERE user='%s' AND pass='%s'",
- mysqli_real_escape_string($connection,$login),
- mysqli_real_escape_string($connection,$pswrd)))) {
- $is_usr = $result->num_rows;
- if($is_usr>0) {
- $_SESSION['logged_in'] = true;
- $row_name = $result->fetch_assoc();
- $_SESSION['id'] = $row_name['id'];
- $_SESSION['user'] = $row_name['user'];
- $_SESSION['access_rights'] = $row_name['access_rights'];
- unset($_SESSION['log_in_error']);
- $result->close();
- if ($_SESSION['access_rights']) {
- header("Location: admin.php");
- }
- else { header("Location: application.php"); }
- } else {
- $_SESSION['log_in_error'] = '<span style="color:red">Nieprawidłowy login lub hasło!</span>';
- header("Location: index.php");
- }
- }
- $connection->close();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement