Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?PHP
- $A = "localhost"; // Server Name
- $B = "root"; // MySQL Username
- $C = ""; // MySQL Password
- $D = "college"; // Database
- $Connect = new mysqli($A, $B, $C, $D);
- if ($Connect->connect_error) {
- die("Connection Failed<BR>");
- }
- echo "Connected<BR>";
- $CookieName = "SignedIn";
- if (isset($_COOKIE[$CookieName])) {
- $CookieValue = $_COOKIE[$CookieName];
- echo "Welcome, $CookieValue<BR>";
- }
- if (isset($_POST['SignIn'])) {
- $Username = $_POST['Username'];
- $Password = $_POST['Password'];
- $PasswordHash = sha1($Password."OxgnNhUXvP");
- $SQL = "SELECT * FROM Accounts WHERE Username=$Username' AND Password='$PasswordHash'";
- $Result = mysqli_query($Connect, $SQL);
- $Count = mysqli_num_rows($Result);
- if ($Count == 1) {
- $CookieValue = $Username;
- setcookie($CookieName, $CookieValue, time() + (180), "/");
- header("Location: index.php");
- } else {
- echo "Incorrect Username/Password";
- }
- } else if (isset($_POST['SignUp'])) {
- $Username = $_POST['Username'];
- $Password = $_POST['Password'];
- $PasswordHash = sha1($Password."OxgnNhUXvP");
- $SQL = "INSERT INTO Accounts (A_ID, Username, Password) VALUES ('', '$Username', '$PasswordHash')";
- $Result = mysqli_query($Connect, $SQL);
- } else if (isset($_POST['SignOut'])) {
- setcookie("SignedIn", "val", time() - (180), "/");
- header("Location: index.php");
- }
- if (isset($_POST['SendMessage'])) {
- $GetAID = "SELECT A_ID FROM Accounts WHERE Username='$CookieValue'";
- $ResultAID = $Connect->query($GetAID);
- echo $ResultAID;
- $Message = htmlspecialchars($_POST['Message']);
- $MessageSQL = "INSERT INTO Messages (M_ID, Message) VALUES ('', '$Message')";
- if ($Connect->query($MessageSQL) === TRUE) {
- echo "Message Sent<BR/>";
- } else {
- echo "Error Sending Message<BR/>";
- }
- }
- $SelectMessages = "SELECT * FROM Messages ORDER BY M_ID DESC LIMIT 10";
- $ResultMessages = $Connect->query($SelectMessages);
- if (mysqli_num_rows($ResultMessages) > 0) {
- while ($Row = mysqli_fetch_assoc($ResultMessages)) {
- echo 'M_ID: ' . $Row['M_ID'] . ' Message: ' . $Row['Message'] . 'A_ID: ' . $Row['A_ID'] . '<BR>';
- }
- }
- ?>
- <FORM ACTION="<?PHP $_SERVER['PHP_SELF'] ?>" METHOD="POST">
- <INPUT TYPE="Text" NAME="Username">
- <INPUT TYPE="Password" NAME="Password">
- <INPUT TYPE="Submit" VALUE="Sign In" NAME="SignIn">
- <INPUT TYPE="Submit" VALUE="Sign Up" NAME="SignUp">
- <INPUT TYPE="Submit" VALUE="Sign Out" NAME="SignOut">
- </FORM>
- <FORM ACTION="<?PHP $_SERVER['PHP_SELF'] ?>" METHOD="POST">
- <INPUT TYPE="Text" NAME="Message">
- <INPUT TYPE="Submit" VALUE="Send Message" NAME="SendMessage">
- </FORM>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement