SHARE
TWEET

Untitled

a guest Mar 15th, 2019 134 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. +---------+----------+--------
  2.    | login_ID | Login_PW| auth  |
  3.    +-------=--+---------+--------
  4.    | User_test|  123    | null  |
  5.    +----------+---------+--------
  6.  
  7.  
  8.  <?php
  9.     function clean($str)
  10.     {
  11.         $str = @trim($str);
  12.         if(get_magic_quotes_gpc()) {
  13.             $str = stripslashes($str);
  14.         }
  15.         return $str;
  16.     }
  17.  
  18.     //Sanitize the POST values
  19.  
  20.     if (isset($_POST['username']))    
  21.     {    
  22.               $username = clean($_POST['username']);    
  23.     }    
  24.  
  25.  
  26.     if (isset($_POST['password']))    
  27.     {    
  28.     $password = clean($_POST['password']);
  29.  
  30.     }    
  31.  
  32.     /* Create a new mysqli object with database connection parameters */
  33.     $mysqli = mysqli_connect('localhost', 'root', '', 'draftdb');
  34.  
  35.     if(mysqli_connect_errno())
  36.     {
  37.         echo "Connection Failed: " . mysqli_connect_errno();
  38.         exit();
  39.     }
  40.  
  41.     /* Is your username the same as the login_id? If not you need to change this query's where to use the username column not the login_id. */
  42.  
  43.     /* Create a prepared statement */
  44.     if($stmt = $mysqli -> prepare("
  45.         SELECT Login_ID, Login_PW
  46.         FROM login  
  47.         WHERE Login_ID=? AND Login_PW=?
  48.     "))
  49.     {
  50.         /* Bind parameters
  51.              s - string, b - boolean, i - int, etc */
  52.         $stmt -> bind_param("ss", $username, $password);
  53.  
  54.         /* Execute it */
  55.         $result = $stmt -> execute();
  56.  
  57.         /* Bind results to variables that will be used within the fetch() loop. */
  58.         $stmt -> bind_result($username, $password);
  59.  
  60.         //Check whether the query was successful or not
  61.         if ($result === false)
  62.          {
  63.             die("Query failed");
  64.          }
  65.           /* Iterate over the results of the query. */
  66.         while ($stmt->fetch())  
  67.         { //while loop open
  68.              if($_POST['username'] == $username && $_POST['password'] == $password)
  69.                 {
  70.             //$member = mysqli_fetch_assoc($result);
  71.  
  72.  
  73.                  session_regenerate_id();
  74.             /* We can create a _SESSION cause we binded the result to those variables above. */
  75.                 //$_SESSION['SESS_MEMBER_ID'] = $username;
  76.                  $_SESSION['username'] = $_POST['username'];
  77.  
  78.  
  79.              session_write_close();
  80.              header("location: member-index.php");
  81.              exit();
  82.  
  83.                 }
  84.  
  85.                 elseif($result -> num_rows == 0 )
  86.                     {
  87.                     header("location: login-failed.php");
  88.                      exit();
  89.                     }
  90.  
  91.          }//while loop close
  92.  
  93.           /* Close statement */
  94.           $stmt -> close();
  95.     }//main if close
  96.  
  97.        /* Close connection */
  98.        $mysqli -> close();
  99.    
  100. <?php
  101.     //Start session
  102.     session_start();
  103.  
  104.     //Check whether the session variable SESS_MEMBER_ID is present or not
  105.     if(!$_SESSION['username']) {
  106.         header("location: access-denied.php");
  107.         exit();
  108.     }
  109. ?>
  110.    
  111. /* Execute it */
  112. $result = $stmt -> execute();
  113. $stmt -> store_result();
  114.  
  115. .
  116. .
  117. .
  118.  
  119. elseif($stmt -> num_rows == 0 ) // note $stmt instead of $result
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top