Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- ?>
- <?php
- $link = mysqli_connect($host, $user, $pass, $database);
- $ussrname = $_POST["username"];
- $hash_format = "$y2$10";
- $salt = "$Salt22CharectersOrMore";
- $format_and_salt = $hash_format . $salt;
- $hashedpassword = crypt($_POST["password"], $salt);
- $hashedpassword =mysqli_real_escape_string($link,$hashedpassword );
- $ussrname =mysqli_real_escape_string($link,$ussrname );
- $query = "SELECT * FROM users ";
- $query.="WHERE ";
- $query.="username='" . $ussrname . "' AND password='" . $hashedpassword . "'";
- die($query);
- $result = mysqli_query($link, $query);
- $rows = mysqli_num_rows($result);
- $usersarr = mysqli_fetch_assoc($result);
- if ($rows == 1)
- {
- if ($usersarr["usertypeid"] == 1)
- {
- $_SESSION["loggedin"] = 1;
- $_SESSION["userid"] = $usersarr['userid'];
- header("Location: ./user/index.php");
- }
- elseif ($usersarr["usertypeid"] == 4)
- {
- $_SESSION["loggedin"] = 4;
- $_SESSION["userid"] = $usersarr['userid'];
- header("Location: ./admin/index.php");
- }
- }
- else
- {
- $_SESSION["loginerror"] = 1;
- header("Location: index.php");
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement