<?php $mysql = array( 'host' => 'HOST', 'name' => 'DBNAME', 'user' =>

1. <?php
2. $mysql = array(
3. 'host' => 'HOST',
4. 'name' => 'DBNAME',
5. 'user' => 'DBUSER',
6. 'pass' => 'DBPASS'
7. );
8. $conn = mysql_connect($mysql['host'], $mysql['user'], $mysql['pass']) or die('noconnect');
9. mysql_select_db($mysql['name']);
10. $user = mysql_real_escape_string($_GET['user']);
11. $pass = mysql_real_escape_string($_GET['pass']);
12. $hash = sha1(strtolower($user) . $pass);
13. $query = "SELECT * from smf_members where member_name='$user' and passwd='$hash'";
14. $result = mysql_query($query) or die('no'. mysql_error());
15. $row=mysql_fetch_row($result);
16. echo $row ? "yes" : "no";
17. ?>