SHARE
TWEET

Untitled

a guest Oct 4th, 2017 77 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <form id="frmLogin" method="post" action="chkauth.php">
  2.     <table>
  3.         <tr><td colspan="2" class="CenterAlign PostTitle"><p>Administrator Login</p></td></tr>
  4.     <tr><td colspan="2">Please log in with your administrator username and password</td></tr>
  5.     <tr><td>&nbsp;</td></tr>
  6.     <tr>
  7.         <td>Username:</td>
  8.             <td><input id="adminname"type="text" /></td>
  9.     </tr>
  10.     <tr>
  11.          <td>Password:</td>
  12.          <td><input id="adminpass" type="password" /></td>
  13.     </tr>
  14.     <tr>
  15.         <td colspan="2"><?php echo($message); ?></td>
  16.         <td class="RightAlign"><input id="btnLogIn" type="submit" value="Log In" /></td>
  17.     </tr>                      
  18.     </table>
  19. </form>
  20.  
  21. // chkauth.php
  22. <?php
  23.     // Set database server access variables:
  24.     $host = "localhost";
  25.     $user = "root";
  26.     $pass = "root";
  27.     $db = "logansarchive";
  28.  
  29.     // Open connection
  30.     $connection = mysql_connect($host, $user, $pass) or die ("Unable to connect!");
  31.    
  32.     // Select database
  33.     mysql_select_db($db) or die ("Unable to select database!");
  34.  
  35.     $user = $_POST["adminname"];
  36.     $pass = $_POST["adminpass"];
  37.    
  38.         // Hash the password input
  39.     $passwordHash = sha1(pass);
  40.         // The database field only allows 20 characters, truncate the hash
  41.     $passwordHash = substr(sha1($pass,0,20);
  42.    
  43.     $query = "SELECT AdminName FROM Admins WHERE AdminName = '".$user."' AND AdminPass = '".$passwordHash."'";
  44.     $result = mysql_query($query) or die ("<p>Error in query:</p><p>".$query."</p><p>".mysql_error()."</p>");
  45.     if (mysql_num_rows($result) < 1)
  46.     {
  47.         // Access denied
  48.         header('Location: auth.php?r=0');
  49.     }
  50.     else
  51.     {
  52.         // Access granted
  53.         session_start();
  54.         $_SESSION['name'] = $user;
  55.         header('Location: index.php');
  56.     }
  57. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top