Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- ob_start();
- include ('[connection].php');
- #Connection#
- #mysql_connect("$host","$user","$pass")or die("Could Not Connect");
- #mysql_select_db($db_name) or die("Could Not Select Database");
- #User / Pass (From Form)#
- $myuser=$_POST['[user]'];
- $mypass=$_POST['[pass]'];
- #MYSQL Anti-Injection#
- $myuser=stripslashes($[uservar]);
- $mypass=stripslashes($[passvar]);
- $myuser=mysql_real_escape_string($[uservar]);
- $mypass=mysql_real_escape_string($[passvar]);
- $sql="SELECT * FROM [table] WHERE [user]='$[uservar]' and [pass]='$[passvar]'";
- $result=mysql_query($sql);
- if(!$result){
- die("Error: " . mysql_error() . " Error number: " . mysql_errno());
- }
- #Number or rows counted#
- $count=mysql_num_rows($result);
- #For a match there must only be one#
- if($count==1){
- session_start();
- session_name('[name]');
- $_SESSION["[user]"]=$[uservar];
- $_SESSION["[pass]"]=$[passvar];
- session_id();
- header("location:[].php");
- }else{
- echo("Wrong Username or Password");
- }
- ob_end_flush();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement