Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include("config.php");
- $logged_in = FALSE;
- if(isset($_COOKIE['beautiful_cookie'])) {
- $cookie = $mysqli->real_escape_string($_COOKIE['beautiful_cookie']);
- $check_token = $mysqli->query("SELECT * FROM sessions WHERE token = '{$cookie}'");
- if($check_token->num_rows > 0) {
- echo "Welcome, you are logged in!";
- $logged_in = TRUE;
- }
- }
- if(isset($_POST['logout'])) {
- setcookie("beautiful_cookie", "", time()-60, "/");
- echo "<p>You've been logged out!</p>";
- }
- if(isset($_POST['submit']) && isset($_POST['username']) && isset($_POST['password'])) {
- $username = $mysqli->real_escape_string($_POST['username']) ;
- $password = $mysqli->real_escape_string($_POST['password']) ;
- $check_login = $mysqli->query("SELECT * FROM users WHERE username = '{$username}' AND password = '{$password}'");
- if($check_login->num_rows > 0) {
- echo "You've been logged in.";
- $hash = sha1($username.rand(1,5));
- setcookie("beautiful_cookie", $hash, time()+3600, "/");
- $check_cookie = $mysqli->query("SELECT * FROM sessions WHERE username = '{$username}'");
- if ($check_cookie->num_rows > 0) {
- $update_cookie = $mysqli->query("UPDATE sessions SET username = '{$username}', token = '{$hash}', date = NOW() WHERE username = '{$username}'");
- } else {
- $insert_cookie = $mysqli->query("INSERT INTO sessions (username, token, date) VALUES ('{$username}', '{$hash}', NOW())");
- }
- } else {
- echo "Incorrect username or password!";
- }
- }
- $mysqli->close();
- if($logged_in == FALSE) {
- echo '
- <form method="POST">
- <input type="text" name="username">
- <input type="password" name="password">
- <input type="submit" name="submit" value="Login">
- </form>';
- } else {
- echo '
- <form method="POST">
- <input type="submit" name="logout" value="Logout">
- </form>
- ';
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement