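<?php
/**
 * Login handler.
 *
 * Reads the POST fields `login` and `haslo`, looks the pair up in the `user`
 * table and, on a match, replaces the user's row in `session` and hands the
 * session id and token back to the browser as the cookies `id` and `token`.
 * Every outcome other than a database error on the session insert ends in a
 * redirect to index.php; a failed login additionally sets `login_error`.
 *
 * Security notes:
 *  - All SQL goes through prepared statements. Request data (POST fields,
 *    REMOTE_ADDR, User-Agent) is bound as parameters, never interpolated,
 *    and $_POST / $_SERVER are no longer rewritten in place.
 *  - The session id comes from the CSPRNG (random_bytes, PHP >= 7.0) instead
 *    of md5() over rand()/microtime()/client IP, which is guessable.
 *  - NOTE(review): the lookup compares the submitted password directly with
 *    the `password` column, which suggests passwords are stored unhashed (or
 *    hashed by a scheme not visible here). Migrating to password_hash() /
 *    password_verify() needs a data migration and is not done in this file.
 *  - NOTE(review): `token` keeps its original integer range (-1000..1000) in
 *    case the column is numeric; that is only about 11 bits, so it must not
 *    be relied on as a secret. Confirm the column type before widening it.
 */
require_once "connect.php";

// The checks below rely on return values and connect_errno; PHP >= 8.1 makes
// mysqli throw by default, so pin the reporting mode explicitly.
mysqli_report(MYSQLI_REPORT_OFF);

// connect.php is expected to provide $host, $db_user, $db_password, $db_name.
$link = @new mysqli($host, $db_user, $db_password, $db_name);

// Check the connection BEFORE anything touches $link.
if ($link->connect_errno == 0) {
    $login = isset($_POST['login']) ? $_POST['login'] : null;

    // Only scalar string input is accepted; `login[]=...` style arrays are
    // treated as "no login submitted".
    if (is_string($login)) {
        $password = (isset($_POST['haslo']) && is_string($_POST['haslo'])) ? $_POST['haslo'] : '';

        // Look the user up. No count(*): mixing an aggregate with plain
        // columns fails under ONLY_FULL_GROUP_BY.
        $user = null;
        $find = $link->prepare(
            "select id_user, id_user_type, user_name, user_surname from user where login = ? and password = ? limit 1"
        );
        if ($find) {
            $find->bind_param("ss", $login, $password);
            if ($find->execute()) {
                $find->bind_result($idUser, $idUserType, $userName, $userSurname);
                if ($find->fetch()) {
                    $user = true;
                }
            }
            $find->close();
        }

        if ($user !== null) {
            // 32 random bytes -> 64 hex characters, the same length as the
            // two concatenated md5 digests used previously.
            $id = bin2hex(random_bytes(32));
            $token = (string) random_int(-1000, 1000);

            $ip = isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';
            // The User-Agent header is client-controlled and may be absent.
            $agent = isset($_SERVER['HTTP_USER_AGENT']) ? (string) $_SERVER['HTTP_USER_AGENT'] : '';

            // One session per user: drop the old row, then insert the new one.
            // As before, only the outcome of the insert decides success.
            $drop = $link->prepare("delete from session where ID_user = ?");
            if ($drop) {
                $drop->bind_param("s", $idUser);
                $drop->execute();
                $drop->close();
            }

            $stored = false;
            $add = $link->prepare(
                "insert into session (ID_user, id_user_type, id, ip, web, imie, nazwisko, time, token) values (?, ?, ?, ?, ?, ?, ?, CURRENT_TIMESTAMP, ?)"
            );
            if ($add) {
                $add->bind_param("ssssssss", $idUser, $idUserType, $id, $ip, $agent, $userName, $userSurname, $token);
                $stored = $add->execute();
                $add->close();
            }

            if ($stored) {
                // HttpOnly keeps the session cookies away from page scripts;
                // Secure is set whenever the request itself arrived over HTTPS.
                $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
                setcookie("id", $id, 0, "", "", $secure, true);
                setcookie("token", $token, 0, "", "", $secure, true);
                header("location:index.php");
                exit;
            } else {
                echo "błąd podczas logowania!";
            }
        } else {
            header("location: index.php");
            setcookie("login_error", true);
            exit;
        }
    } else {
        header("location: index.php");
        exit;
    }
}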