Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /* I hope you can help,
- this is what i have for my login form, and now my passwords have been hashed, and i've been told to add: */
- "
- $passToCheck = 'something';
- $correctMD5 = (retrieve hash from db)
- if($salt.$passToCheck.$pepper == $correctMD5)
- {
- //valid login
- } else {
- //login failure
- }
- "
- // but i don't know where about to put it, can you help me,
- <?php // login.php
- include_once 'header.php';
- echo "<h3>Member Log in</h3>";
- $error = $user = $pass = "";
- if (isset($_POST['user']))
- {
- $user = sanitizeString($_POST['user']);
- $pass = sanitizeString($_POST['pass']);
- $passToCheck = '$pass';
- if ($user == "" || $pass == "")
- {
- $error = "Not all fields were entered<br />";
- }
- else
- {
- $query = "SELECT user,pass FROM members
- WHERE user='$user' AND pass='$pass'";
- if (mysql_num_rows(queryMysql($query)) == 0)
- {
- $error = "Username/Password invalid<br />";
- }
- else
- {
- $_SESSION['user'] = $user;
- $_SESSION['pass'] = $pass;
- die("You are now logged in. Please
- <a href='members.php?view=$user'>click here</a>.");
- }
- }
- }
- echo <<<_END
- <form method='post' action='login.php'>$error
- Username <input type='text' maxlength='16' name='user'
- value='$user' /><br />
- Password <input type='password' maxlength='16' name='pass'
- value='$pass' /><br />
-
- <input type='submit' value='Login' />
- </form>
- _END;
- ?>
Add Comment
Please, Sign In to add comment