Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?PHP
- /* Turn error reporting for securility purposes */
- error_reporting(0);
- /* Starts the session */
- session_start();
- /*Checks if session exist or not.*/
- if ($_SESSION['username']!=NULL and $_SESSION['password']!=NULL)
- {
- /*if it doesn't exist then go to the user's page*/
- echo "<script>window.location='user.php';</script>";
- exit;
- }
- /*if data was submited*/
- if ($_REQUEST['submit'] == 'submit')
- {
- /* Get data from web form */
- $username = $_REQUEST['username'];
- $password = $_REQUEST['password'];
- /*create the key out of the username password (concept) */
- $key = $username[0] . $username[1] . $username[2] . $password[3] . $password[2];
- /* encypts password */
- $cppassword = crypt($password,$key);
- $dbuser="Guest";
- $dbpass="guest";
- $dbname="bktc";
- /*
- Connects to the database using guest login
- Guest login can only use the select function
- */
- $chandle = mysql_connect("localhost", $dbuser, $dbpass) or die("Connection Failure to Database");
- mysql_select_db($dbname,$chandle) or die($dbname . " not found." . $dbuser);
- /* Get the user from the database */
- $sqlcomm = "SELECT * FROM 'users'";
- $results = mysql_query($sqlcomm) or die(mysql_error());
- while($row = mysql_fetch_array($rersult)
- {
- /*Check if the user info match the database or not*/
- if ($row['USERNAME'] == $username) and ($row['PASSWORD'] == $cpassword))
- {
- /* Create a session for the user */
- session_cache_limiter('private');
- $cache_limiter = session_cache_limiter();
- /*set expiration, username and password into the session */
- $session_expire = session_cache_expire();
- $_SESSION['username']=$username;
- $_SESSION['password']=$cpassword;
- $_SESSION['group'] = $row['GROUP'];
- /* redirect you to the user page */
- echo "<script>window.location='user.php';</script>";
- exit;
- }
- }
- /* Give them an error */
- echo "Username or password is invaild.<br><br>";
- }
- ?>
- <html>
- <form name="loginform" method="post" action="login.php">
- Username: <input type=text name="username"><br>
- Password: <input type="password" name="password"><br>
- <input type="submit" value="Login">
- <input type="hidden" value="submit" name="submit">
- </form>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement