Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- LOGIN
- <?php
- // MySQL settings
- $host = "localhost"; // Host name
- $username = "root"; // MySQL username
- $password = ""; // MySQL password
- $database_name = "blog"; // Datavase bane
- $table_name = "account"; // Table name
- // Connection to MySQL
- mysql_connect($host, $username, $password) or die ("Error: " . mysql_error());
- mysql_select_db($database_name) or die ("Error: " . mysql_error());
- // Form information
- $formusername = $_POST["username"];
- $formpassword = $_POST["password"];
- // MySQL injection protection
- $formusername = stripslashes($formusername);
- $formpassword = stripslashes($formpassword);
- $formusername = mysql_real_escape_string($formusername);
- $formpassword = mysql_real_escape_string($formpassword);
- #$formpassword = md5($formpassword);
- // Login
- if ($_SERVER['REQUEST_METHOD'] == "POST") {
- $query = mysql_query("SELECT * FROM $table_name WHERE username='$formusername' and password='$formpassword'");
- $count = mysql_num_rows($query);
- if ($count == 1) {
- // Valid Login
- $_SESSION['login'] = true;
- echo 'Logged in!';
- } else {
- // Unvalid Login
- }
- }
- ?>
- REGISTER
- <?php
- // MySQL settings
- $host = "localhost"; // Host name
- $username = "root"; // MySQL username
- $password = ""; // MySQL password
- $database_name = "blog"; // Datavase bane
- $table_name = "account"; // Table name
- // Connection to MySQL
- mysql_connect($host, $username, $password) or die ("Error: " . mysql_error());
- mysql_select_db($database_name) or die ("Error: " . mysql_error());
- // Form information
- $formusername = $_POST["username"];
- $formpassword1 = $_POST["password1"];
- $formpassword2 = $_POST["password2"];
- // MySQL injection protection + MD5
- $formusername = stripslashes($formusername);
- $formpassword1 = stripslashes($formpassword1);
- $formpassword2 = stripslashes($formpassword2);
- $formusername = mysql_real_escape_string($formusername);
- $formpassword1 = mysql_real_escape_string($formpassword1);
- $formpassword2 = mysql_real_escape_string($formpassword2);
- $formpassword1 = md5($formpassword1);
- $formpassword2 = md5($formpassword2);
- // Register
- if ($_SERVER['REQUEST_METHOD'] == "POST") {
- if (strlen($formpassword1) > 5 and $formpassword1 == $formpassword2) {
- $sql = "INSERT INTO account (username, password) VALUES ('$formusername', '$formpassword1')";
- mysql_query($sql) or die ("Error: " . mysql_error());
- print $formpassword1;
- }
- }
- ?>
Add Comment
Please, Sign In to add comment