Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- function login(){
- $user_login = mysql_real_escape_string($_POST['user_login']);
- $pass_login = mysql_real_escape_string($_POST['pass_login']);
- $submit_login = $_POST['submit_login'];
- $check_username = mysql_query("SELECT * FROM `account` WHERE username='$user_login'");
- $numacc = mysql_num_rows($check_username);
- if ($numacc == 1) {
- $user_login_get_username_and_password = mysql_query("SELECT * FROM `account` WHERE username='$user_login'");
- while ($row = mysql_fetch_array($user_login_get_username_and_password))
- {
- $db_username = $row['username'];
- $db_password = $row['password'];
- $db_id = $row['id'];
- }
- if(isset($submit_login) && strlen($user_login) > 1 && strlen($pass_login) > 1) {
- $pass_hash_login = sha1(strtoupper($user_login).'!'.strtoupper($pass_login));
- if($db_password == $pass_hash_login && strtoupper($db_username) == strtoupper($user_login)) {
- $_SESSION['username'] = $db_username;
- $_SESSION['id'] = $db_id;
- echo '<script type="text/javascript">alert("You are logged in, press OK to continue.");</script>';
- echo '<script type="text/javascript">window.location = "index.php"</script>';
- }else{
- die ('pass and user do not match');
- }
- }
- }
- }
Add Comment
Please, Sign In to add comment