Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if(!empty($_POST))
- {
- require(api.php);
- connect();
- $username=$_POST["username"];
- $password=$_POST["password"];
- $sql = "SELECT password, salt FROM users WHERE username='".$username."'";
- $result = mysql_query($sql);
- if(!$result)
- {
- die("<i>login.php: </i>Kunde inte köra fråga: ".mysql_error());
- }
- $entry = mysql_fetch_assoc($result);
- $hashedPassword = sha1($entry["salt"].$password.$username);
- if ($username == $entry["username"] && $hashedPassword == $entry["password"])
- {
- session_start();
- $_SESSION["username"] = $username;
- $_SESSION["password"] = $hashedPassword;
- header("Location: customers.php");
- }
- else
- {
- header("Location: index.php");
- }
- }
- else
- {
- header("Location: index.php");
- //echo("<i>login.php:</i> No POST data");
- }
- // session_start();
- // if(!isset($_SESSION['username']))
- // {
- // header("Location: index.php");
- // }
- ?>
Add Comment
Please, Sign In to add comment