Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- * Hey! This file processes the given
- * credentials to see if they're correct!
- * If something goes wrong, an error code
- * is returned to the login page.
- */
- function got_error($id = 0) {
- // This function returns the error...
- Header('HTTP/1.1 500 Access Denied');
- Header('Location: ./?err='.(is_numeric($id) ? $id : 0));
- return;
- }
- // Checking the basic stuff here.
- if(empty($_POST)) return got_error();
- if(empty($_POST['user'])&&empty($_POST['pass'])) return got_error(1);
- if(empty($_POST['user'])||empty($_POST['pass'])) return got_error((empty($_POST['user'])?2:3));
- // Attempt to connect to the MySQL database!.
- $conn = @mysql_connect('localhost:3306', 'photofroggy', '-');
- if(!$conn) {
- echo mysql_error();return;
- got_error(4);
- }
- if(!@mysql_select_db('photofroggy_main', $conn)) got_error(4);
- // Query the database with the given login details.
- $query = @mysql_query(
- 'SELECT * FROM user WHERE Username=\''.$_POST['user'].'\' AND Password=\''.sha1($_POST['pass']).'\''
- );
- if(!$query) got_error(4);
- // Get the data from the user table!
- $rows = array();
- while($row = mysql_fetch_assoc($query)) { $rows[] = $row; }
- // Now we know if the login was right or not.
- if(empty($rows)) return got_error(5);
- // If all is good, we can move on! Here we create an authtoken and get a timestamp.
- $token = sha1(time()+microtime());
- $ts = time();
- // Now we put the token and timestamp in the user table.
- $query = mysql_query("UPDATE user SET Authtoken='$token',Timestamp='$ts' WHERE Username='".$row['Username'].'\'');
- // An error could occur here...
- if(!$query) return got_error(4);
- // But we set a cookie if all is well!
- setcookie('blogg:user', array('username' => $row['Username'], 'authtoken' => $token), $ts+3600);
- // And then we return to the homepage!
- Header('HTTP/1.1 200 SUCCESS');
- Header('Location: ../');
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement