//index.html<?php>session_start();?> <!DOCTYPE html> <html lang=

1.  
2. //index.html
3.  
4. <?php>
5. session_start();
6.  
7. ?>
8. <!DOCTYPE html>
9. <html lang="en" dir="ltr">
10. <head>
11. <meta charset="utf-8">
12. <title></title>
13. </head>
14. <body>
15. <div id="wrapper">
16. <h2>Dis a forum yeeeeet</h2>
17. <p>you arent allowed</p>
18.  
19. <?php
20. if(!isset($_SESSION['uid'])){
21. echo "<form action='login_parse.php' method='post'>
22. Username: <input type='text' name='realname' />&nbsp;
23. Password: <input type='password' name='password' />&nbsp;
24. <input type='submit' name='submit' value='Log In'/>";
25.  
26.  
27.  
28. }else {
29. echo "<p>You are logged in as ".$_SESSION['realname']."&bull; <a href='logout_parse.php'>Logout</a>";
30. }
31. ?>
32. </div>
33. </body>
34. </html>
35.  
36.  
37.  
38. //connect.php
39.  
40.  
41.  
42. <?php
43. $dbhost = "axc.zapto.org";
44. $dbusername = "authme";
45. $dbpassword = "AndreiPufi2000*";
46. $dbname = "authme";
47. $con = mysqli_connect($dbhost, $dbname, $dbpassword, $dbusername);
48. ?>
49.  
50.  
51.  
52. //login_parse.php
53.  
54.  
55. <?php
56. session_start();
57. include_once("connect.php");
58. $sql = "SELECT username, password FROM authme";
59. $result = mysqli_query($con,$sql) or die(mysqli_error($con));
60. print_r($result);
61. if(mysqli_num_rows($result)>0){
62. $row = mysqli_fetch_assoc($result);
63. $_SESSION['uid'] = $row['id'];
64. $_SESSION['username'] = $row['realname'];
65. $token = substr($row['password'],5,16);
66. $a = hash('sha256', hash('sha256', $row['password']).$token);
67. $password = '$SHA$'.$token.'$'.$a;
68. echo $password."<br>";
69. echo $row['password'];
70. }
71.  
72.  
73. ?>