Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $formUsername = mysql_real_escape_string($formUsername);
- $formPassword = mysql_real_escape_string($formPassword);
- // Gets user record via. MySQL
- $q = $DB->RunQuery("SELECT * FROM `users` WHERE `username` = '$formUsername'");
- //Verifcation Check
- if(mysql_num_rows($q) <= 0 || mysql_num_rows($q) > 1) {
- die("Username or password are incorrect!");
- }
- // Fetches the data
- $u = mysql_fetch_assoc($q);
- // Builds form password hash
- $salt = $u['salt'];
- $formPasswordH = md5(md5($formPassword) . $salt);
- //Verification Check
- if($u['password'] != $formPasswordH) {
- die("Username or password are incorrect!");
- } else {
- //Assign session token and cookie
- $isAuthenticated = true;
- $sessionToken = sha1( "s4l7" . $u['password'] );
- setcookie("QSessionID",intval($u['userid']));
- setcookie("QSessionToken",$sessionToken);
- echo "<meta http-equiv=\"refresh\" content=\"0;url=index.php?YOURLOGIN=1\" />";
- exit();
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement