Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include('LoginLib.php');
- session_start(); //must call session_start before using any $_SESSION variables
- $GLOBALS['username'] = cleanQuery($_POST['username']);
- $username = cleanQuery($_POST['username']);
- $password = cleanQuery($_POST['password']);
- $query = "SELECT Password, Salt, ID
- FROM personaldata
- WHERE Username = '$username';";
- $result = mysql_query($query);
- if(mysql_num_rows($result) < 1) //no such user exists
- {
- echo "No such user.";
- die();
- }
- $userData = mysql_fetch_array($result, MYSQL_ASSOC);
- $hash = sha1( $userData['Salt'] . sha1($password) );
- if($hash != $userData['Password']) //incorrect password
- {
- echo "Incorrect password";
- die();
- }
- else
- {
- $GLOBALS['userid'] = $userData['ID'];
- validateUser(); //sets the session data for this user
- }
- mysql_close($con);
- echo "Login succesful.";
- header('Location: Game.php');
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement