Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $cookie_name = "loggedin";
- $servername = "localhost";
- $username = "hergottm_test";
- $password = "172839";
- $database = "hergottm_test";
- $conn = mysqli_connect($servername, $username, $password, $database);
- if (!$conn){
- die("Database connection failed: ".mysqli_connect_error());
- }
- if (isset($_POST['login']))
- {
- $user = $_POST['username'];
- $pass = $_POST['password'];
- $admin = 0;
- $phash = sha1(sha1($pass."salt")."salt");
- // Admin stuff
- if($sql = "SELECT * FROM users WHERE username='$user' AND password='$phash' AND admin='1';")
- {
- $admin = 1;
- }else if($sql = "SELECT * FROM users WHERE username='$user' AND password='$phash' AND admin='0';"){
- // do nothing its 0 and not the admin
- }
- $result = mysqli_query($conn, $sql);
- $count = mysqli_num_rows($result);
- if ($count == 1)
- {
- if($admin == 1)
- {
- // go to random page
- header("Location: www.google.ca");
- }
- $cookie_value = $user;
- setcookie($cookie_name, $cookie_value, time() + (180), "/");
- header("Location: ../Login/personal.php");
- }
- else
- {
- echo htmlspecialchars("Username or password is incorrect!",ENT_QUOTES,'UTF-8');
- }
- }
- else if (isset($_POST['register']))
- {
- $user = $_POST['username'];
- $pass = $_POST['password'];
- $phash = sha1(sha1($pass."salt")."salt");
- $sql = "INSERT INTO users (id, username, password, admin) VALUES ('', '$user', '$phash', '0');";
- $result = mysqli_query($conn, $sql);
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement