Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- if (isset($_POST['token']) && $_POST['token'] !== '') {
- include "../config/config.php";
- $user = mysqli_real_escape_string($con, (strip_tags($_POST['email'], ENT_QUOTES)));
- $pass = sha1(md5(mysqli_real_escape_string($con, (strip_tags($_POST['password'], ENT_QUOTES)))));
- $query = mysqli_query($con, "SELECT * FROM user WHERE (email= "" . $user . "" or username= "" . $user . "") and password= "" . $pass . "" and is_active=1,and is_admin");
- if ($row = mysqli_fetch_array($query)) {
- $_SESSION['user_id'] = $row['id'];
- header("location: ../dashboard.php");
- } else if ($row != mysqli_fetch_array($query)){
- $_SESSION['user_id'] = $row['id'];
- header("location: ../dashboardGeneral.php");
- } else {
- $invalid = sha1(md5("contrasena y email invalido"));
- header("location: ../index.php?invalid=$invalid");
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement