Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include('mysql_connect.php');
- $database = mysql_select_db("dotplay_users");
- $usernamecheck = mysql_real_escape_string($_COOKIE['username']);
- $userquerycheck = mysql_query("SELECT email, username FROM registered WHERE username='$usernamecheck' LIMIT 1");
- $userarraycheck = mysql_fetch_array($userquerycheck);
- $secretcheck = hash("sha512", $userarraycheck[email].$_SERVER["remote_addr"]);
- if($_COOKIE['sessionkey'] == $secretcheck && $_COOKIE['username'] == $userarraycheck[username]) {
- header("Location: index.php");
- exit;
- }
- else {
- if (empty($_POST['userlogin']) || empty($_POST['userpassword'])){
- header("Location: index.php?login=empty");
- exit;
- }
- if(isset($_POST["userlogin"]) && isset($_POST["userpassword"]))
- {
- $userlogin = mysql_real_escape_string(stripslashes(strip_tags(trim(htmlspecialchars($_POST['userlogin'])))));
- $querysalt = mysql_query("SELECT salt FROM secret_safety.salt WHERE username='$userlogin'");
- while($salt1 = mysql_fetch_array($querysalt)) {
- $password = hash('sha512', $_POST['userpassword'].'asd434123fsdf3598saew7ew0w6esadawe7e0ewq0as0fs2f2d1612e'.$salt1[salt]);
- }
- $query = mysql_query("SELECT * FROM registered WHERE username='$userlogin' AND password='$password'");
- $listuser = mysql_fetch_array($query);
- if (mysql_num_rows($query) > 0) {
- if($listuser[welcome] > '0'){
- $sql = "UPDATE registered SET welcome = '2' WHERE username = '$userlogin'";
- mysql_query("$sql") or die(mysql_error());
- }
- elseif($listuser[welcome] == '0'){
- $sqls = "UPDATE registered SET welcome = '2' WHERE username = '$userlogin'"; //Sätter den till värde på ifall databasen på nåt sätt har ändrat welcome-värdet till 0, så visas welcomeback oavsett vad. Welcome ska ju bara visas vid första visningen / när man registrerar sig; därför omöjligör jag att den på nåt sätt visar bara 'welcome' igen genom att sätta den till 2 ifall den är lika med noll i databasen i detta loginskriptet.
- mysql_query("$sqls") or die(mysql_error());
- }
- $secret = hash("sha512", $listuser[email].$_SERVER["remote_addr"]);
- setcookie("username", $listuser[username], time()+7200);
- setcookie("sessionkey", $secret, time()+7200);
- header("Location: index.php");
- exit;
- } else {
- header("Location: index.php?login=error");
- exit;
- }
- }
- else {
- header("Location: index.php?login=error");
- exit;
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement