Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include 'mysqlHandler.php';
- $logged_in = false;
- openConnection();
- $u = mysql_real_escape_string($_POST['username']);
- $p = hashPassword($_POST['password']);
- $_POST['password'] = "";
- $sql = "select username from user where username = '" . $u . "' and password = '" . $p . "'";
- $result = executeQuery($sql);
- if ($result) {
- while ($row = mysql_fetch_array($result)) {
- if ($row['username'] == $u) {
- $logged_in = true;
- }
- }
- }
- if ($logged_in) {
- setcookie("user", $_POST['username'], time() + (604800));
- header("Location:index.php");
- } else {
- header('Location:login.php?bad_login=1&username=' . $_POST["username"]);
- }
- closeConnection();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement