Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $sanitized_UName = mysql_real_escape_string(strtoupper($_POST['user'])); //Sanitized username to prevent SQL injections
- //If login is successful
- $query = mysql_query("SELECT UID, UName, passwd, status FROM users WHERE UName='".$sanitized_UName."';");
- $record = mysql_fetch_assoc($query);
- echo $record['passwd']."<br />".crypt($_POST['pass'], "f$7a%fb%8f*c1f$093@&6596_ce18%8d4^80ff$1b");
- if ($record['passwd'] == crypt($_POST['pass'], "f$7a%fb%8f*c1f$093@&6596_ce18%8d4^80ff$1b")){
- echo "SUCCESS";
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
