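<?php
/**
 * Admin login handler.
 *
 * Looks the submitted name/password up in the `admin` table and, when exactly
 * one row matches, stores that admin's id, name and last-login value in the
 * session before redirecting to the admin index. Any other outcome redirects
 * back to the login form with login_attempt=1.
 *
 * Fixes relative to the pasted version:
 *  - The lookup is a PDO prepared statement with bound parameters. The pasted
 *    code concatenated request values straight into the SQL text (SQL
 *    injection) and ran the query twice, once through the mysql_* extension,
 *    which was removed in PHP 7.
 *  - The row-count test read the bare word `numrows` instead of `$numrows`,
 *    so the success branch could never be taken.
 *  - A failed database connection no longer echoes the driver message to the
 *    client and then carries on with an undefined $dbh.
 *  - The session is started if needed and its id is regenerated at login.
 */

// NOTE(review): $_REQUEST also carries query-string values (and cookies,
// depending on request_order), so credentials can end up in URLs and access
// logs. Confirm the login form submits by POST, then read $_POST here.
$username = isset($_REQUEST["txt_username"]) ? $_REQUEST["txt_username"] : null;
$password = isset($_REQUEST["txt_password"]) ? $_REQUEST["txt_password"] : null;

// Missing fields and array-valued fields (txt_password[]=...) are failed
// logins; sha1() and the bound parameters below expect plain strings.
if (!is_string($username) || !is_string($password)) {
    header("Location: /logansarchive/admin/login.php?login_attempt=1");
    exit;
}

// NOTE(review): this connects as the MySQL root account with its password in
// the source file. Move the credentials to configuration kept out of the web
// root and out of version control, and use an account that can only SELECT
// from the admin table. Treat the value below as exposed and rotate it.
$host = "localhost";
$user = "root";
$pass = "12157114";

try {
    $dbh = new PDO("mysql:host=$host;dbname=logansarchive", $user, $pass, [
        // Raise exceptions so a failed query cannot pass for "no such user".
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        // Use server-side prepares instead of client-side string substitution.
        PDO::ATTR_EMULATE_PREPARES => false,
        PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
    ]);

    // NOTE(review): unsalted SHA-1 cut to its first 10 hex characters (40
    // bits) is not a password hash. It is kept only because the stored values
    // use this format; migrate the column to password_hash() and
    // password_verify(), rehashing each account at its next successful login.
    $hashed_pass = substr(sha1($password), 0, 10);

    $stmt = $dbh->prepare(
        "select adminid, adminname, lastlogin from admin where adminname = :name and password = :pass"
    );
    $stmt->execute([":name" => $username, ":pass" => $hashed_pass]);
    $rows = $stmt->fetchAll();
} catch (PDOException $e) {
    // Details go to the server log only; the client gets a generic message.
    error_log("admin login: database error: " . $e->getMessage());
    http_response_code(500);
    echo "Login is temporarily unavailable.";
    exit;
}

// The pasted code required exactly one matching row; keep that rule.
if (count($rows) === 1) {
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    // A fresh session id at the privilege change defeats session fixation.
    session_regenerate_id(true);

    $row = $rows[0];
    $_SESSION["adminid"] = $row["adminid"];
    $_SESSION["adminname"] = $row["adminname"];
    $_SESSION["lastlogin"] = $row["lastlogin"];

    header("Location: /logansarchive/admin/index.php");
    exit;
}

// NOTE(review): nothing here limits repeated attempts; add throttling or
// lockout per account and per client address.
header("Location: /logansarchive/admin/login.php?login_attempt=1");
exit;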