Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include( "config.php" );
- mysql_connect( $dbhost, $dbuser, $dbpass ) or die( "Unable to connect!" );
- mysql_select_db( $db );
- if( isset( $_POST['username'] ) && isset( $_POST['password'] ) )
- {
- setcookie( "username", mysql_real_escape_string( $_POST['username'] ) );
- setcookie( "password", mysql_real_escape_string( $_POST['password'] ) );
- header( "Location: " . str_ireplace(array( "\b", "\t", "\r", "\n", "%08", "%09", "%0a", "%0d", "Content-Type:", "bcc:","to:","cc:" ), "", $_SERVER['PHP_SELF']) );
- }
- else
- {
- if( isset( $_COOKIE['username'] ) && isset( $_COOKIE['password'] ) )
- {
- $query = "SELECT * FROM `members` WHERE username = '" . $_COOKIE['username'] . "' AND password = '" . $_COOKIE['password'] . "'";
- $res = mysql_query( $query ) or die( "Query: " . $query . " failed." );
- $rows = mysql_num_rows( $res );
- if( !$rows )
- {
- die("Username or password invalid!");
- }
- if( isset( $_POST['update'] ) )
- {
- $pass = mysql_real_escape_string( $_POST['new_pass'] );
- $update = "UPDATE members SET password = '" . $pass . "' WHERE username = '" . $_COOKIE['username'];
- mysql_query( $update ) or die( "Unable to update your password, please try again!" );
- }
- else
- {
- $row = mysql_fetch_row( $res );
- ?>
- <div style="text-align: center;">
- <h2>Logged in as: <?= htmlentities( $row[0] ); ?></h2><br /><br />
- <strong>::Change Your Password::</strong>
- <form action="<?= htmlentities( $_SERVER['PHP_SELF'] ); ?>" method="post"><br />
- New Password: <input type="text" name="new_pass" /><br />
- <input type="submit" name="submit" value="::Change Pass::" />
- </form>
- </div>
- <?php
- }
- }
- else
- {
- ?>
- <div style="text-align: center;">
- <strong>::Log In::</strong>
- <form action="<?= htmlentities( $_SERVER['PHP_SELF'] ); ?>" method="post"><br />
- Username: <input type="text" name="username" /><br />
- Password: <input type="password" name="password" /><br />
- <input type="submit" name="submit" value="::Log In::" />
- </form>
- </div>
- <?php
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement