API tools faq
paste
Guest User

Untitled

a guest
Jan 20th, 2019
136
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.35 KB | None | 0 0
raw download clone embed print report
  1. if (isset($_POST['userpassword']))
  2. {
  3. include('db.php');
  4. //I have used the name passwordu instead of password in the database as well.
  5. $query = "SELECT * FROM users WHERE username = '".$_REQUEST['username']."' AND passwordu = '".md5($_REQUEST['userpassword'])."';";
  6. $result = mysql_query($query);
  7. if ($result){ //THIS IS WHERE I FEEL THE ERROR IS
  8. echo "Congratulations. You are now Logged in. You will be logged out when the Browser is closed.";
  9. $_SESSION['logval'] = TRUE; //Sets the User Logged in for the complete session.
  10. }
  11. else echo "Sorry, You Entered Wrong Info.";
  12. }
  13.  
  14. if ( mysql_num_rows(mysql_query("some query")) == 1 ) { logged in }
  15.  
  16. ... md5($_REQUEST['userpassword'])."';";
  17. ^---this one
  18.  
  19. $query=<<<HERE
  20. SELECT count(*) as count form users where username=" " and password=" "
  21. HERE;
  22. $send=mysql_query($query);
  23. $row=mysql_fetch_assoc($send);
  24. $count=$row["count"];
  25. if($count=="0"){// not logged in}
  26. else if($count=="1"){//logged in}
  27.  
  28. $query = "SELECT * FROM users WHERE username = '".$_REQUEST['username']."' AND passwordu = '".md5($_REQUEST['userpassword'])."';";
  29.  
  30. $query = "SELECT * FROM users WHERE username == '".$_REQUEST['username']."' AND passwordu == '".md5($_REQUEST['userpassword'])."';";
  31.  
  32. $result = mysql_query($query);
  33.  
  34. $result = mysql_num_rows(mysql_query($query));
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!