Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include_once("include/config.php");
- session_start();
- $go = mysql_real_escape_string(trim($_GET['go']));
- if (isset($go)) {
- if ($go == "auth") {
- if (isset($_POST['auth'])) {
- $login = mysql_real_escape_string($_POST['login']);
- $password = md5($_POST['password']);
- $join = mysql_query("SELECT `login`, `password`, `access` FROM `maxim_db_user` WHERE login='".$login."' AND password='".$password."'");
- $db_user = mysql_fetch_array($join);
- if(!($db_user <= 0)) {
- if($db_user['login'] == $login and $db_user['password'] == $password) {
- $_SESSION['login'] = $login;
- $_SESSION['password'] = $password;
- $_SESSION['access'] = $db_user['access'];
- header("Location: /user.php");
- } else {
- echo"Логин и пароль Не верные!";
- }
- } else {
- echo"Логин и пароль Не верные!2";
- }
- } else {
- header("Location: /404.php");
- }
- } else {
- echo"Wtf?? Где GET потерял? :D";
- }
- }
- ?>
Add Comment
Please, Sign In to add comment
