Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- if (isset($_POST['register'])) // Lets the user register, if the name is taken, return "taken", if it's not, put it in the database and return "ok"
- {
- $username = strip_tags($_POST['regUsername']);
- $password = strip_tags($_POST['regPassword']);
- $username = stripslashes($username);
- $password = stripslashes($password);
- $password = md5($password);
- $checkExist = "SELECT * FROM users WHERE username='$username'";
- $checkExistQ = mysqli_query($db, $checkExist);
- $rows = mysqli_num_rows($checkExistQ);
- if ($rows == 0) {
- $sql_store = "INSERT INTO users (id, username, password, money, level, xp, atk, def, hp) VALUES (NULL, '$username', '$password', 50, 1, 0, 8, 0, 100)";
- $sql = mysqli_query($db, $sql_store) or die(mysql_error());
- die("ok");
- } else {
- die("taken");
- }
- }
- if (isset($_POST['login']))
- {
- $username = strip_tags($_POST['logUsername']);
- $password = strip_tags($_POST['logPassword']);
- $username = stripslashes($username);
- $password = stripslashes($password);
- $password = md5($password);
- $sql = "SELECT * FROM users WHERE username='$username' LIMIT 1";
- $query = mysqli_query($db, $sql);
- $row = mysqli_fetch_array($query);
- $id = $row['id'];
- $db_password = $row['password'];
- if ($db_password == $password) {
- die("login"."SEPERATOR".$id);
- }
- else {
- die("passwrong");
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement