Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if (!isset($_POST["username"])
- OR !isset($_POST["password"])
- OR !isset($_POST["securitytoken"])) {
- die ("Post parameters not right - Hacking attempt?");
- }
- require_once '../inc/init.php';
- $username = mysql_real_escape_string($_POST["username"]);
- $password = mysql_real_escape_string($_POST["password"]);
- $redirect = @$_POST["redirect"];
- $database->query("SELECT `id`, `password`, `name`, FROM `accounts` WHERE name = '".($username)."'");
- if ($row = $database->fetch_next()) {
- if (hash('sha1',$password) == $row["password"] || sha1($password) == $row["password"]) {
- echo "Success";
- $_SESSION['moongra_user'] = $row["name"];
- $_SESSION['moongra_id'] = $row["id"];
- $_SESSION['moongra_sessionid'] = hash("sha512", $username + time());
- } else {
- echo "Your password seems to be wrong. Please try again";
- }
- } else {
- echo "This account does not exist. Please try again";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement