Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- mysql_connect('localhost', 'root', 'root');
- mysql_select_db('roseon');
- if ( ($_SERVER['REQUEST_METHOD'] == 'POST') ) {
- $sql = "SELECT id FROM accounts WHERE username = '%s' AND password = '%s';";
- $sql = sprintf($sql, mysql_real_escape_string($_POST['user_name']), md5($_POST['password']));
- $res = @mysql_query($sql);
- if ( $res === false ) {
- echo '<p class="error_block">Problem with loggin in</p>';
- } elseif ( mysql_num_rows($res) == 0 ) {
- echo '<p class="error_block">Invalid combination username/password</p>';
- } else {
- echo '<p class="ok_block">Valid login</p>';
- $_SESSION['user_account_id'] = mysql_result($res, 0);
- }
- }
- if ( isset($_SESSION['user_account_id']) ) {
- echo 'Welcome: ' . $_SESSION['user_account_id'] . '<br />';
- }
- else {
- echo '
- <form action="" method="post">
- <div align="center"><br /></div>
- <table width="400" border="0" align="center">
- <tr>
- <td style="text-align: left;">User name: <input type="text" name="user_name" id="user_name"></td>
- </tr>
- <tr>
- <td style="text-align: left;">Password: <input type="password" name="password" id="password"></td>
- </tr>
- </table>
- <p style="text-align: center;"> <input type="submit" name="login" id="login" value="login">
- </p> </form>
- ';
- }
- /*
- misterius saudara-saudara
- $_SESSION['user_account_id'] = 2;
- yg dicari username = bejo misalnya
- */
- //===========check ada ato tidak
- $sql = "SELECT count(donation) c FROM accounts WHERE username = '%s';";
- $sql = sprintf($sql, $_SESSION['user_account_id']);
- $res = mysql_query($sql) or die("sql:$sql error:".mysql_error());
- $total = $dpts = mysql_result($res, 0);
- echo "total $total (sql:$sql)";
- $sql = "SELECT count(donation) c FROM accounts WHERE id= '%s';";
- $sql = sprintf($sql, $_SESSION['user_account_id']);
- $res = mysql_query($sql) or die("sql:$sql error:".mysql_error());
- $total = $dpts = mysql_result($res, 0);
- echo "total $total (sql:$sql)";
- /*
- $sql = "SELECT donation FROM accounts WHERE username = '%s';";
- $sql = sprintf($sql, $_SESSION['user_account_id']);
- */
- //siapa tau bener
- $sql = "SELECT donation FROM accounts WHERE id = '%s';";
- $sql = sprintf($sql, $_SESSION['user_account_id']);
- $res = mysql_query($sql)or die("sql:$sql| error:".mysql_error());
- if ( $res === false ) {
- echo 'We could not get your donation points from the database, something went wrong!';
- } else {
- $dpts = mysql_result($res, 0);
- echo 'Donation points: ' . $dpts;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement