Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- if(isset($_SESSION['usuario'])) {
- header('Location: personajes');
- exit();
- }
- ?>
- <!DOCTYPE html>
- <html lang="es">
- <head>
- <title>Iniciar sesión en United States Roleplay</title>
- <meta charset="UTF-8">
- <meta name="viewport" content="width=device-width, initial-scale=1">
- <link rel="stylesheet" type="text/css" href="css/login.css">
- </head>
- <body>
- <div class="wrapper fadeInDown">
- <div id="formContent">
- <h2 class="active"> Ingresar </h2>
- <a href="registrarme/index.php">
- <h2 class="inactive underlineHover"> Registrarme </h2>
- </a>
- <div class="fadeIn first">
- <img src="images/logo.jpg" id="icon" alt="User Icon" />
- </div>
- <form action="<?= $_SERVER['PHP_SELF'] ?>" method="post">
- <p id="error" style="color:#B22222"></p>
- <input type="text" id="login" class="fadeIn second" name="usuarioingresado" placeholder="Escribe tu usuario o e-mail">
- <input type="password" id="password" class="fadeIn third" name="contraingresada" placeholder="Escribe tu contraseña">
- <input type="submit" class="fadeIn fourth" value="Entrar">
- </form>
- <div id="formFooter">
- <a class="underlineHover" href="recuperar">¿Has olvidado tu contraseña?</a>
- </div>
- </div>
- </div>
- </body>
- </html>
- <?php
- include 'scripts/conexion.php';
- if($_POST){
- $arrDatos=array();
- $arrDatos['usr'] = (!empty($_POST['usuarioingresado']) ) ? array ('data'=>$_POST['usuarioingresado']) : array('id'=> 1, 'msg'=>'Debes poner un usuario o un e-mail.');
- $arrDatos['pwd'] = (!empty($_POST['contraingresada']) ) ? array ('data'=>$_POST['contraingresada']) : array('id'=> 1, 'msg'=>'Debes poner una contraseña.');
- if(array_column($arrDatos, 'msg')) {
- $msgs=implode("<br />",array_column($arrDatos, 'msg'));
- echo "<script>document.getElementById('error').innerHTML = '".$msgs."'</script>";
- } else {
- $ce = strtoupper( hash('whirlpool', $arrDatos['pwd']['data']) );
- $lp = array(" ", "-","DROP", "TABLE", "SELECT", "INSERT", "VALUES", "FROM", "INTO", "CREATE", "SET", "SQL", "PDO", "$", "DELETE", "UPDATE", "'", "=", ";");
- $u=$arrDatos['usr']['data'];
- $ul = str_replace($lp, "", $u);
- $c=$arrDatos['pwd']['data'];
- $bR = "SELECT * FROM sv_nicks WHERE Nick = '$ul' or Email = '$el' and Contra = '$ce'";
- $r = $con->query($bR);
- $c1 = mysqli_num_rows( $r );
- if( $c1 === 1 ){
- session_start();$_SESSION['usuario'] = $ul; header("Location: personajes");
- }else{
- echo "<script>document.getElementById('error').innerHTML = 'Los datos de inicio de sesión son incorrectos.'</script>";
- }
- }
- }
- ?>
Add Comment
Please, Sign In to add comment