Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include 'includes/config.php';
- if(isset($_SESSION['playername']))
- {
- echo '<META HTTP-EQUIV="Refresh" Content="0; URL=board.php">';
- exit;
- }
- if(isset($_POST['pname']) && isset($_POST['ppass']))
- {
- if(!isset($_SESSION['playername']))
- {
- $query = $con->prepare("SELECT salt, pass, name, admin_level, id FROM player WHERE name = ?");
- $query->execute(array($_POST['pname']));
- if($query->rowCount() > 0)
- {
- $data = $query->fetch();
- $salt = $data[0];
- $pass = $data[1];
- $checkpass = strtoupper(hash("sha256", $_POST['ppass'].$salt));
- if($checkpass == $pass)
- {
- $_SESSION['playername'] = $data[2];
- $_SESSION['playeradmin'] = $data[3];
- $_SESSION['id'] = $data[4];
- echo '<META HTTP-EQUIV="Refresh" Content="0; URL=board.php">';
- exit;
- }
- else $err = 'Usuario o contraseña erróneos';
- }
- else $err = 'Usuario o contraseña erróneos';
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
