Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- $conn = mysql_connect("localhost", "root", "");
- mysql_select_db("ash");
- $user = mysql_real_escape_string($_POST["username"]);
- $pass = mysql_real_escape_string($_POST["password"]);
- $encrypt_pass = sha1($pass);
- $result_admin= mysql_query("SELECT * FROM users WHERE username = '$user' AND password = '$encrypt_pass' AND isadmin = 1");
- $result = mysql_query("SELECT * FROM users WHERE username = '$user' AND password = '$encrypt_pass'");
- if (mysql_num_rows($result) == 0)
- {
- echo "No matching username and password found";
- }
- else if(mysql_num_rows($result_admin) == 1)
- {
- $_SESSION['isadmin']=1;
- $_SESSION['user'] = $_POST["username"];
- header ("Location: index.php");
- }
- else if(mysql_num_rows($result) == 1)
- {
- $_SESSION['user'] = $_POST["username"];
- header ("Location: index.php");
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement