Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <form id="frmLogin" method="post" action="chkauth.php">
- <table>
- <tr><td colspan="2" class="CenterAlign PostTitle"><p>Administrator Login</p></td></tr>
- <tr><td colspan="2">Please log in with your administrator username and password</td></tr>
- <tr><td> </td></tr>
- <tr>
- <td>Username:</td>
- <td><input id="adminname"type="text" /></td>
- </tr>
- <tr>
- <td>Password:</td>
- <td><input id="adminpass" type="password" /></td>
- </tr>
- <tr>
- <td colspan="2"><?php echo($message); ?></td>
- <td class="RightAlign"><input id="btnLogIn" type="submit" value="Log In" /></td>
- </tr>
- </table>
- </form>
- // chkauth.php
- <?php
- // Set database server access variables:
- $host = "localhost";
- $user = "root";
- $pass = "root";
- $db = "logansarchive";
- // Open connection
- $connection = mysql_connect($host, $user, $pass) or die ("Unable to connect!");
- // Select database
- mysql_select_db($db) or die ("Unable to select database!");
- $user = $_POST["adminname"];
- $pass = $_POST["adminpass"];
- // Hash the password input
- $passwordHash = sha1(pass);
- // The database field only allows 20 characters, truncate the hash
- $passwordHash = substr(sha1($pass,0,20);
- $query = "SELECT AdminName FROM Admins WHERE AdminName = '".$user."' AND AdminPass = '".$passwordHash."'";
- $result = mysql_query($query) or die ("<p>Error in query:</p><p>".$query."</p><p>".mysql_error()."</p>");
- if (mysql_num_rows($result) < 1)
- {
- // Access denied
- header('Location: auth.php?r=0');
- }
- else
- {
- // Access granted
- session_start();
- $_SESSION['name'] = $user;
- header('Location: index.php');
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement