Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- include ("../connection.php");
- # make a variable out of the username that was posted in the index-page.
- $username = $_POST['user'];
- # I am not sure what this thing makes.. but it has something with safety to do.
- $escaped_username = mysql_real_escape_string($username);
- # make a md5 password.
- $password = $_POST['pass'];
- $queryN = mysql_query("SELECT * FROM user where username = '".$username."' and password = '".$password."'");#This variable will check if the user is a level 1 user (Normal User)
- $queryA = mysql_query("SELECT * FROM user where username = '".$username."' and password = '".$password."' AND
- level='9'");#This variable will check if the user is a level 9 user (Admin User)
- if(mysql_num_rows($queryN) == 1)
- {
- $resultN = mysql_fetch_assoc($queryN);
- $_SESSION['user'] = $_POST['user'];
- header("location:login.php");
- }
- elseif(mysql_num_rows($queryA) == 1)
- {
- $resultA = mysql_fetch_assoc($queryA);
- $_SESSION['admin'] = $_POST['user'];
- header("location:login.php");
- }
- else
- {
- echo "Wrong Username or Password";
- }
- ?>
- <form name="back" method="post" action="login.php">
- <input type="submit" name="back" id="back" value="Back to Home">
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement