auctionLogin.php

1. <!doctype html>
2. <?php
3. //$cookie_name = "user";
4. //$cookie_value = "value";
5. //setcookie($cookie_name, $cookie_value, time() + 3600, "/");
6. session_start();
7. ?>
8. <html>
9. <head>
10. <meta charset="utf-8">
11. <title>Login PHP</title>
12. </head>
13.  
14. <body>
15. <h1>Login PHP</h1>
16. <?php
17. //echo "number of cookies: ".count($_COOKIE);
18. $user = $_GET['username'];
19. $pass = $_GET['pwd'];
20. $servername = "localhost";
21. $username = "playground18";
22. $password = "Cdz5SOVrY2p8fnWS";
23. $dbname = "playground18";
24.  
25. try
26. {
27. $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
28. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
29. $sql = "SELECT count(*) FROM `tanay_auction_users` WHERE id > 0";
30. $result = $conn->prepare($sql);
31. $result->execute();
32. $number_of_rows = $result->fetchColumn();
33. //print($number_of_rows);
34.  
35.  
36. //$stmt = $conn->prepare("SELECT COUNT(*) as total FROM tanay_auction_users;");
37. //$result = $stmt->execute();
38.  
39. //echo $result;
40.  
41. for($x = 2; $x <= $number_of_rows+1; $x++)
42. {
43. $queryuser = "SELECT username FROM `tanay_auction_users` WHERE id = $x";
44. $userresult = $conn->prepare($queryuser);
45. $userresult->execute();
46. $uresult = $userresult->fetchcolumn();
47. $querypass = "SELECT password FROM `tanay_auction_users` WHERE id = $x";
48. $passresult = $conn->prepare($querypass);
49. $passresult->execute();
50. $presult = $passresult->fetchColumn();
51. //print($userresult);
52. //print_r($presult);
53. if (strpos($user, $uresult) !== false)
54. {
55. if (strpos($pass, $presult) !== false)
56. {
57. echo "<h1>Success!</h1>";
58. $_SESSION["status"] = "authorized";
59. $_SESSION["name"] = $user;
60. echo "<br>currently logged in: " . $_SESSION["name"] . ".<br>";
61. //setcookie("user", "value", time() - 3600);
62. //$cookie_name = "authorizeduser";
63. //$cookie_value = $user;
64. //setcookie($cookie_name, $cookie_value, time() + 3600, "/");
65. header('Location: auctionHome.php');
66. }
67. else {
68. $count++;
69. if ($count==$number_of_rows)
70. {
71. echo "<h1>Incorrect Login!</h1>";
72. session_destroy();
73. //setcookie("user", "value", time() - 3600);
74. }
75.  
76. }
77. }
78.  
79. else {
80. $count++;
81. if ($count==$number_of_rows)
82. {
83. echo "<h1>Incorrect Login!</h1>";
84. session_destroy();
85. //setcookie("user", "value", time() - 3600);
86. }
87.  
88. }
89. }
90.  
91. }
92. catch(PDOException $e)
93. {
94. echo "Error: " . $e->getMessage();
95. }
96.  
97.  
98.  
99.  
100. $conn = null;
101.  
102.  
103. ?>
104. </body>
105. </html>