API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 2nd, 2016
108
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.76 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. if ($_SERVER["REQUEST_METHOD"] == "POST")
  4. {
  5.  
  6. $user="admin";
  7. $pass="neehahs";
  8. $host="localhost";
  9. $db="login";
  10.  
  11. $con=mysqli_connect($host,$user,$pass,$db);
  12. if(mysqli_connect_errno($con)){
  13. echo "Failed to connect to MySQL: " . mysqli_connect_error();
  14. }
  15.  
  16.  
  17. $username=($_POST['username']);
  18. $password=md5($_POST['password']);
  19.  
  20. $username = mysqli_real_escape_string($con,$username);
  21. $password = mysqli_real_escape_string($con,$password);
  22.  
  23.  
  24.  
  25.  
  26. $sql="SELECT * FROM members WHERE student_id='%$username%' AND student_pass='%$password%'";
  27. $sqldata=mysqli_query($con,$sql)
  28. or die ("error");
  29.  
  30. while ($row=mysqli_fetch_array($sqldata)){
  31.  
  32. if($row["user_type"]=='student'){
  33. header('location: http://localhost/greenstudio/index.html');
  34.  
  35. }
  36.  
  37. elseif
  38. ($row["user_type"]=='organizer'){
  39. header('location: http://localhost/greenstudio/index2.html');
  40.  
  41. }else {
  42. echo"Sorry, your credentials are not valid, Please try again.";
  43.  
  44.  
  45. }
  46. }
  47. exit();
  48. }
  49.  
  50. ?>
  51.  
  52. Table: users
  53. --------+----------+----------+----------
  54. user_id | username | password | user_type
  55. --------+----------+----------+----------
  56. 1 | admin | neehahs | organizer
  57. 2 | student1 | mypass | student
  58.  
  59. SELECT
  60. user_type
  61. FROM
  62. users
  63. WHERE
  64. BINARY username='$username' AND
  65. BINARY password='$password'
  66.  
  67. <?php
  68.  
  69. if ($_SERVER["REQUEST_METHOD"] == "POST"){
  70. $user="admin";
  71. $pass="neehahs";
  72. $host="localhost";
  73. $db="login";
  74. $con=mysqli_connect($host,$user,$pass,$db);
  75. if(mysqli_connect_errno($con)){
  76. echo "Failed to connect to MySQL: " . mysqli_connect_error();
  77. }
  78. $username=($_POST['username']);
  79. $password=md5($_POST['password']);
  80. $username = mysqli_real_escape_string($con,$username);
  81. $password = mysqli_real_escape_string($con,$password);
  82. $sql="SELECT user_type FROM members WHERE BINARY student_id='$username' AND BINARY student_pass='$password'";
  83. $sqldata=mysqli_query($con,$sql) or die ("error");
  84. $row = mysqli_fetch_array($sqldata);
  85. if(is_null($row) || mysqli_num_rows($sqldata)!=1){
  86. echo "Sorry, your credentials are not valid or matches more than 1 user, Please try again.";
  87. } else if(isset($row["user_type"])){
  88. if($row["user_type"]=='student'){
  89. header('location: http://localhost/greenstudio/index.html');
  90. } else if($row["user_type"]=='organizer'){
  91. header('location: http://localhost/greenstudio/index2.html');
  92. } else {
  93. echo "User type was returned as not student nor organizer.";
  94. }
  95. } else {
  96. echo "Sorry, user_type was not returned in the dataset retrieved from the database.";
  97. }
  98. }
  99.  
  100. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!