Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // Include Database
- include_once("db.php");
- // Get Variable's Username / Password from URL
- $myusername = $_GET['u'];
- $passwordHash = sha1(strip_tags($_GET['p']));
- $sender = $_GET['s'];
- $whisper = $_GET['w'];
- $subject = 'New Whisper';
- // Check that username / Password match database
- $sql="SELECT * FROM members WHERE username='$myusername' and password='$passwordHash'";
- $rs = mysql_query($sql) or die ("Query failed");
- // Mysql_num_row is counting table row
- $numofrows = mysql_num_rows($rs);
- // If result matched $myusername and $mypassword, table row must be 1 row
- if($numofrows==1){
- // Access Granted Begin Whisper update procedure
- ECHO 'Access Granted';
- // Add the new whisper to the database
- mysql_query("INSERT INTO messages (reciever, sender, message) VALUES('$myusername', '$sender', '$whisper')") or die (mysql_error());
- } else
- {
- ECHO 'User Dose Not Esist';
- exit;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement