Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $group = "";
- $rights = 0;
- $regis = false;
- if(isset($_GET["page"]))
- {
- if($_GET["page"] == "login")
- {
- if(isset($_POST["username"]) and isset($_POST["password"]))
- {
- $username = $_POST["username"];
- $password = $_POST["password"];
- $stmLogin = "SELECT * FROM acc WHERE password='".md5($password)."' AND username='$username';";
- $resLogin = $con->query($stmLogin);
- if($resLogin){
- if($resLogin->num_rows == 1)
- {
- $_SESSION["username"] = $username;
- $_SESSION["password"] = $password;
- }
- else
- {
- error("Password or username incorrect!");
- }
- }
- else
- {
- error("Error in stmLogin: $stmLogin");
- }
- }
- else
- {
- error("Login Error: couldn't send username or password");
- }
- }
- else if ($_GET["page"] == "logout")
- {
- session_destroy();
- }
- else if($_GET["page"] == "regi")
- {
- if(isset($_POST["username"]) and isset($_POST["password"]))
- {
- $username = $_POST["username"];
- $password = $_POST["password"];
- $stmNextId = "SELECT * FROM acc";
- $resNextId = $con->query($stmNextId);
- $id = $resNextId->num_rows;
- $stmRegi = "INSERT INTO acc VALUES($id,'$username','".md5($password)."', 2)";
- $resRegi = $con->query($stmRegi);
- if($resRegi === false){
- error("Couldn't register!");
- unset($_SESSION["username"]);
- unset($_SESSION["password"]);
- }
- else
- {
- error("Registered!");
- $_SESSION["username"] = $username;
- $_SESSION["password"] = $password;
- }
- }
- else
- {
- error("Login Error: couldn't send username or password");
- }
- }
- ?>
- <meta http-equiv="refresh" content="0; URL=<?php echo $filename ?>">
- <?php
- }
- else if(isset($_SESSION["username"]) and isset($_SESSION["password"]))
- {
- $username = $_SESSION["username"];
- $password = $_SESSION["password"];
- $stmLogin = "SELECT * FROM acc WHERE username='$username' AND password='".md5($password)."';";
- $resLogin = $con->query($stmLogin);
- if($resLogin)
- {
- if($resLogin->num_rows == 1)
- {
- $itemRights = $resLogin->fetch_assoc();
- $rights = $itemRechte["rights"];
- $regis = $rights==1;
- $group = $con->query("SELECT * FROM rechte_liste WHERE id=$rights")->fetch_assoc()["name"];
- }
- else
- {
- $rights = 0;
- }
- }
- }
- ?>
Add Comment
Please, Sign In to add comment