SHOW:
|
|
- or go back to the newest paste.
1 | <?php | |
2 | $username = $_REQUEST["txt_username"]; | |
3 | $password = $_REQUEST["txt_password"]; | |
4 | ||
5 | $host = "127.0.0.1"; | |
6 | $user = "root"; | |
7 | $pass = "12157114"; | |
8 | ||
9 | try { | |
10 | $dbh = new PDO("mysql:host=$host;dbname=logansarchive", $user, $pass); | |
11 | $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); | |
12 | } | |
13 | catch(PDOException $e) { | |
14 | echo $e->getMessage(); | |
15 | } | |
16 | ||
17 | $hashed_pass = substr(sha1($password), 0, 10); | |
18 | - | $sql = "select * from admin where adminname = :name and password = :pass"; |
18 | + | |
19 | - | //echo $sql."<br />Count: "; |
19 | + | $sql = "select count(*) as count, adminid, adminname, lastlogin from admin where adminname = :name and adminpass = :pass"; |
20 | $result = $dbh->prepare($sql); | |
21 | ||
22 | $result->bindParam(":name", $username); | |
23 | $result->bindParam(":pass", $hashed_pass); | |
24 | ||
25 | - | $result->execute(); |
25 | + | $row = $dbh->query($sql) |
26 | - | $count = $result->fetchAll(); |
26 | + | if ($row["count"] == 1) { |
27 | $_SESSION["adminid"] = $row["adminid"]; | |
28 | - | //$link = mysql_connect($host, $user, $pass); |
28 | + | $_SESSION["adminname"] = $row["adminname"]; |
29 | - | //mysql_select_db("logansarchive", $link); |
29 | + | $_SESSION["lastlogin"] = $row["lastlogin"]; |
30 | - | //$result = mysql_query("select * from admin where adminname = '".$username."' and password = '".$hashed_pass."'", $link); |
30 | + | |
31 | - | //$numrows = mysql_num_rows($result); |
31 | + | $dbh = null; |
32 | header("Location: /logansarchive/admin/index.php"); | |
33 | - | //$link = null; |
33 | + | |
34 | - | //$result = null; |
34 | + | |
35 | $dbh = null; | |
36 | - | if ($count == 1) { |
36 | + | |
37 | - | foreach ($dbh->query($sql) as $row) { |
37 | + | |
38 | - | $_SESSION["adminid"] = $row["adminid"]; |
38 | + | |
39 | - | $_SESSION["adminname"] = $row["adminname"]; |
39 | + | |
40 | - | $_SESSION["lastlogin"] = $row["lastlogin"]; |
40 | + |