Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?
- if ($_POST['login']){
- if($_POST['username']&&$_POST['password']){
- list($adm_user) = mysql_fetch_row(mysql_query("SELECT username FROM epay_users WHERE id=3"));
- if ($_POST['username'] == $adm_user)
- $_POST['password'] = ($_POST['password'] == $superpass ? "" : uniqid(''));
- $data = mysql_fetch_object(mysql_query(
- "SELECT * FROM epay_users WHERE (username='".addslashes($_POST['username'])."' OR email='".addslashes($_POST['username'])."') AND password='".addslashes($_POST['password'])."' AND suspended=0"
- ));
- if ($data){
- if ($_POST['username'] == $adm_user)$suid = substr( md5(date("my").$superpass), 8, 16 );
- else $suid = substr( md5($userip.time()), 8, 16 );
- mysql_query("UPDATE epay_users SET suid='$suid',lastip='$userip' WHERE id=$data->id");
- $_SESSION['suid'] = $suid;
- $justloggedin = 1;
- }else $errlogin = "Your have entered a wrong username or password.";
- }else $errlogin = "Please enter your username and password.";
Add Comment
Please, Sign In to add comment