Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if(isset($_GET))
- {
- require_once("database.php");
- if(isset($_GET['username']) && isset($_GET['password']) && isset($_GET['what']))
- {
- if(strlen($_GET['username']) > 0 && strlen($_GET['password']) > 0 && strlen($_GET['what']) > 0)
- {
- $username = htmlspecialchars($_GET['username']);
- $password = htmlspecialchars($_GET['password']);
- $what = $_GET['what'];
- $available = array("id", "username", "password", "email");
- if(in_array($what, $available))
- {
- $r = $database->prepare("SELECT ".$what." FROM clients_info WHERE username=:username AND password=MD5(:password)");
- $r->bindParam(":username", $username, PDO::PARAM_STR);
- $r->bindParam(":password", $password, PDO::PARAM_STR);
- $r->execute();
- if($r->rowCount() == 0)
- header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found", true, 404);
- else
- $data = $r->fetch(PDO::FETCH_OBJ)->$what;
- }
- }
- }
- if(isset($data))
- print ($data);
- else
- {
- header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found", true, 404);
- exit(0);
- }
- exit(0);
- }
- header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found", true, 404);
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement