Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- echo "<h1>Welcome back, loyal community member.</h1>";
- $dbconnect = new mysqli("localhost", "benjamin", "TheBestPassword99!", "database0");
- if ($dbconnect->connect_error)
- {
- die("ERROR: Unable to connect: ".$dbconnect->connect_error);
- }
- #$logincust = $dbconnect->real_escape_string($_POST[loginCustomer]); #The real_escape_string ensures that the input cannot use
- #$loginpass = $dbconnect->real_escape_string($_POST[loginPassword]); # SQL injection in this particular input.
- $logincust = $dbconnect->$_POST[loginCustomer]; #The real_escape_string ensures that the input cannot use
- $loginpass = $dbconnect->$_POST[loginPassword];
- $hashcheck = password_hash($loginpass,MD5);
- $sql = $dbconnect->query("SELECT * FROM records0 WHERE CustomerName = '$logincust' AND Password = '$hashcheck'");
- $row = $sql->fetch_assoc();
- if (!$row)
- {
- echo "<body style='background-color:powderblue'>";
- exit("I'm afraid that wasn't quite right, please try again". $dbconnect->error);
- }
- {
- echo "<body style='background-color:powderblue'>";
- echo "Welcome, ". $row["CustomerName"]." ,Your location has been noted, a team is on their way to you";
- }
- #terminate connection
- $dbconnect->close();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement