Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $connect = mysqli_connect('localhost', 'root', '12345', 'bugs');
- $result = mysqli_query($connect, "Select * from user");
- if (mysqli_connect_errno()) {
- echo "Failed to connect to MySQL: " . mysqli_connect_error();
- }
- //protect from html
- $user_login = htmlspecialchars($_POST['login']);
- $user_password = htmlspecialchars($_POST['pass']);
- //protected from sql
- $login = mysqli_real_escape_string($connect, $user_login);
- $password = md5(mysqli_real_escape_string($connect, $user_password)).$login;
- //Log IN
- if (isset($_POST['login_b'])&& strlen($login)<25 && strlen($password)<25) {
- $query = "Select * from user where login='$login' and password='$password'";
- $result = mysqli_query($connect, $query);
- $myrow = mysqli_fetch_assoc($result);
- if (!empty($myrow)) {
- echo "<p align=center>Hello," . $myrow['login'] . "</p>";
- } else {
- echo "<p align=center>Wrong login: " . $user_login . " OR Password: " . $user_password . "</p>";
- }
- }
- //Registration
- if (isset($_POST['reg'])&& strlen($login)<25 && strlen($password)<25) {
- $result = mysqli_query($connect, "insert into user (login,password) values ('$login','$password')");
- }
- mysqli_close($connect);
- ?>
- <html>
- <head>
- <title>LogIn</title>
- </head>
- <body>
- <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
- <table align="center">
- <tr>
- <td><b>Login:</b></td>
- <td>
- <input type='text' name='login'>
- </td>
- </tr>
- <tr>
- <td><b>Password:</b></td>
- <td>
- <input type='text' name='pass'>
- </td>
- </tr>
- <tr>
- <td align="center" colspan='2'>
- <input id="button" name="login_b" style=" width: 110px;height: 50px" type='submit' value="Log In">
- <input id="button" name="reg" style="width: 110px;height: 50px" type='submit' value="Registration">
- </td>
- </tr>
- </table>
- </form>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
