API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 9th, 2017
87
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.98 KB | None | 0 0
raw download clone embed print report
  1. My login.php
  2. <?php
  3. session_start(); //allows session
  4. include "config.php";
  5.  
  6. if($logged[id]) {
  7. //welcomes the member
  8. echo "Welcome $logged[username]<br><br>";
  9. //shows the user menu
  10. $new = mysql_query("select * from pmessages where unread = 'unread' and touser = '$logged[username]'");
  11. $new = mysql_num_rows($new);
  12. echo "
  13. - <a href='welcome.php'>Members Page</a><br>
  14. - <a href='members.php'>View Members</a><br>
  15. - <a href='editprofile.php'>Edit Profile</a><br>
  16. - <a href='members.php?user=$logged[username]'>View Your Profile</a><br><br>
  17. - <a href='messages.php'>Private Messages ($new New)</a><br>
  18. - <a href='newfriends.php'>Friend Requests</a><br>
  19. - <a href='changepassword.php'>Change Password</a><br>
  20. - <a href='logout.php?logout'>Logout</a>";
  21. }else
  22. //if there trying to login
  23. if(isset($_GET['login'])) {
  24. //removes sql injections from the data
  25. $username= htmlspecialchars(addslashes($_POST[username]));  
  26. //encrypts the password
  27. $password = sha1(md5(md5(sha1(md5(sha1(sha1(md5($_POST[password]))))))));
  28. //gets the username data from the members database
  29. $uinfo = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());  
  30. //see if the user exists
  31. $checkuser = mysql_num_rows($uinfo);
  32. //if user name not found in database error
  33. if($checkuser == '0')
  34. {
  35. echo "Username not found";
  36. }else{
  37. //fetch the sql
  38. $udata = mysql_fetch_array($uinfo);
  39. //checks see if the account is verified
  40. if($udata[userlevel] == 1) {  
  41. echo "This account had not been verified.";
  42. }
  43. //if it is continue
  44. else
  45. //if the db password and the logged in password are the same login
  46. if($udata[password] == $password) {
  47. $query = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());  
  48. //fetchs the sql
  49. $user = mysql_fetch_array($query);
  50. $last_date = date("l, F j, Y h:i A");
  51. $update = mysql_query("UPDATE `members` SET `last_seen` = '$last_date' WHERE `username` = '$user[username]' AND `id` = '$user[id]';") or die(mysql_error());
  52. //sets the logged session
  53. $_SESSION['id'] = "$user[id]";
  54. $_SESSION['password'] = "$user[password]";
  55.  
  56. echo "You are now logged in, Please wait. . .";
  57. //redirects them
  58. echo "<meta http-equiv='Refresh' content='2; URL=welcome.php'/>";
  59. }
  60. //wrong password
  61. else{
  62. echo "Incorrect username or password!";  
  63. }
  64. }
  65. }else{
  66. //If not the above show the login form
  67. echo "<form action='login.php?login' method='post'>
  68. <table width='200'>
  69.  <tr>
  70.    <td width='120'>Username:</td>
  71.    <td width='180'><input type='text' name='username' size='17' maxlength='50'></td>
  72.  </tr>
  73.  <tr>
  74.    <td>Password:</td>
  75.    <td><input type='password' name='password' size='17' maxlength='50'></td>
  76.  </tr>
  77.    <tr>
  78.    <td colspan='2'><input type='submit' value='Login'></td>
  79.  </tr>
  80. </table>
  81. </form>
  82. <a href='register.php'>Register to DE!</a> <strong>::</strong> <a href='forgotpass.php'>Forgot Password</a>";
  83. }
  84. ?>
  85.  
  86. my config is still the same as here in the tut.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!