Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- mysql_connect(*);
- if(intval($_COOKIE["logged_in"])==1)
- {
- $test_row = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `username` LIKE '" . $_COOKIE['username'] . "'"));
- if($test_row["session"] != $_COOKIE["session_id"])
- {
- header( 'Location: index.php?logout=1' ) ;
- }
- }
- function session_gen()
- {
- $length = 10;
- $characters = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
- $string = "";
- for ($p = 0; $p < $length; $p++)
- {
- $string .= $characters[mt_rand(0, strlen($characters))];
- }
- return $string;
- }
- function RemoveCookieLive($name)
- {
- unset($_COOKIE[$name]);
- return setcookie($name, NULL, -1);
- }
- if(intval($_GET["logout"])==1)
- {
- mysql_query("UPDATE `u702113482_db`.`users` SET session='null' WHERE username='" . $_COOKIE['username'] . "';");
- RemoveCookieLive("username");
- RemoveCookieLive("logged_in");
- RemoveCookieLive("session_id");
- }
- $logged_in = 0;
- if($_POST["username"])
- {
- $get_row = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `username` LIKE '" . $_POST['username'] . "'"));
- $atp_pass = $_POST["password"];
- $true_pass = $get_row["password"];
- if(hash("md5",$atp_pass) == $true_pass)
- {
- $session_id = $get_row['username'] . "_" . session_gen();
- $logged_in = 1;
- setcookie("logged_in", 1, time()+1200);
- setcookie("username", $_POST['username'], time()+1200);
- setcookie("session_id", $session_id , time()+1200);
- mysql_query("UPDATE `u702113482_db`.`users` SET session='" . $session_id . "' WHERE username='" . $_POST['username'] . "';");
- }
- else
- {
- die("<p>Inccorect details, click <a href='index.php'>here</a> to try again</p>");
- }
- }
- if(intval($_COOKIE["logged_in"]) == 1)
- {
- $logged_in = 1;
- }
- if(!$logged_in)
- {
- include "login.php";
- $user_id = $get_row["id"];
- $cur_un = "Guest";
- }
- else
- {
- if(intval($_COOKIE["logged_in"]) == 1)
- {
- $cur_un = $_COOKIE["username"];
- }
- else
- {
- $cur_un = $_POST["username"];
- }
- include "usercp.php";
- }
Add Comment
Please, Sign In to add comment